I don't know if you've noticed, but Distributed Denial of Service (DDoS) has taken the spotlight on center stage of this 3-ring circus we call the Internet.
If you don't know what a DDoS is, I suggest you go give Wikipedia a quick read, and maybe get WiFi in the cave.
What used to be a nuisance, and let's face it, DDoS started out as a nuisance, has turned into an interesting and powerful weapon. Tools like LOIC, which is released by "Anonymous", and the OWASP tool that does essentially the same job against web servers using slow header payloads, are brutal. These can cause serious outages and take down web servers, entire sites, or even web farms.
Let's talk impact
- Full pipe - a DDoS can fill your network pipe with junk traffic and effectively cut you off from the rest of the Internet
- Overloaded server - a DDoS can actually completely overwhelm a piece of hardware, and cause the machine to die
- Overloaded server - a DDoS can also overwhelm poorly (actually even not-so-poorly) written software, causing it to completely stop responding and die
- Software zombie - an interesting condition recently uncovered where a server is still completely responsive to other requests, except that legitimate requests for targeted sites return nothing at all
- Huge bill - That's right, imagine paying for your Internet pipe by the megabyte... then you get a 100Mbit/sec flood for 12 straight hours ... you could go broke trying to pay that bill!
- Bad PR - Imagine you're launching a super-cool online game, and some kid gets mad at it and takes down your servers ...ouch!
So DDoS is a very versatile tool - and with literally millions and millions of zombie machines out there - maybe even YOURS - the attacker agents are plentiful. I wonder what the horizon holds for DDoS attacks ...it could be interesting.
1 comments:
Since DDoS has been around as long as bots have, I think the only thing newsworthy of it right now is that this time it's a voluntary, grass-roots DDoS as opposed to extortion or some other pseudo-criminal enterprise. The solutions are the same - leverage a large CDN, have your ISPs implement anti-DDoS capabilities, and low-TTL DNS with changing IP addresses until the attack wears off.