A Free Educational Resource Created by Carnegie Mellon University to Empower You to Secure Your Part of Cyberspace

Distributed Denial of Service (DDoS)

Interfering with a computer system by sending more Internet traffic to it than it can handle

Denial of service (DoS) attacks interfere with a computer system by sending more Internet traffic to it than it can handle. This causes an interruption of the services provided by the system.

When you access a Web page, you make a request to the site’s computer server to see the page. The server then sends you all the contents of the Web page. A denial of service attack involves trying to send a large number of these requests to a single machine very rapidly, so that the server becomes overloaded by spending all or most of its time responding to the requests.

Distributed denial of service (a.k.a. DDoS) is a special type of DoS attack, in which the requests bombarding the server come from multiple machines, usually in separate locations, rather than from a single machine. The attacker must first create a network of computers for his attack, usually by creating a virus application that self-replicates and distributes itself across the Internet. Once several machines are infected, the virus is activated at a certain time and date, so that all machines try to make a request at the same time to the same server.

The only damage a denial of service attack can create is the interruption of a service. It does not affect your files or your privacy. However, the loss in productivity and the denial of access to services can be devastating, especially with our increasing dependence on computers for all types of work.

Protective Measures

Practices

  • Check for telltale signs of a DoS attack or distributed DoS attack network: The following could be signs that your computer is subject to a DoS attack or has been made part of a distributed DoS attack network:

    • Your computer runs noticeably more slowly than usual
    • Your Internet connection is slower than usual
    • The activity lights on your high-speed (cable or DSL) modem are solid (i.e., on almost all of the time)

  • Report suspicious activity to your Internet Service Provider (ISP): Call your ISP if you believe you are under DoS attack or have been made part of a distributed DoS attack network. Follow the instructions they provide.

  • Conduct regular anti-virus scans: Be sure to scan your computer for viruses that could make your computer part of a DDoS network. All major anti-virus software can be set to automatically scan files, but it’s a good idea to scan your computer manually at least once every two weeks.

References

Links

My home page