Distributed Denial of Service

What is it?

DDoS (Distributed Denial of Service) is quite literally a means to kill all traffic or bandwidth to your site or render a computer resource unavailable. Worm developers often use DDoS to form their payloads. Imagine yourself as an internet worm developer. You wish to gain control of as many computers as possible, because then you will be able to produce distributed denial of service attacks (the more computers under your control, the stronger your attacks may become). These attacks may be quite advantageous to you, because you may be able to rent these attacks out to a third party. Corporations often have disputes - this can become a means to extortion. New techniques allow DDoS distributors to hide themselves very well when logging in to command a network due to the fact that they create a dynamic hierarchy where nothing stays the same for long, and every computer under the control of a worm used for DDoS attacks keeps changing their hierarchy in this network.

How does it work?

A simple DDoS attack could flood a server with packets. If the attacker has more bandwidth than the victim (which he probably does), then the victim would have some of his or her resources made unavailable. These DDoS attacks often cause substantial damage, such as the Storm Botnet and Storm Worm, which resulted in over 20% of spam on the internet at that time.

Summary

Exploits open a multitude of security vulnerabilities. You can imagine, with a company of over a certain number of employees, one might open the attachment in that idiotically titled e-mail and cause Pandora's Box to rock the whole office. A company could also forget that a computer exists and just let it run for many, many years until their network engineer realizes there's a random connected box linked up somewhere in the storage closet (you would be surprised how often this can happen). It is important to keep everything patched and up-to-date.

Thank you for reading this article. If you have any suggestions or need clarification please do not hesitate to start a thread on my forum or to send me an e-mail. There is no such thing as a stupid question, but there is such a thing as a stupid fear of asking.