DoS - Denial of Service - the attack on the "denial of service".To carry out this attack in two ways.In the first method for DoS-attacks using the vulnerability of software installed on the target computer .With such vulnerability on the computer can cause some critical error, which will lead to malfunction of the system.
second method attack is carried out by simultaneously sending a large number of information packets to the target computer .According to the principles of data transfer between computers on the network, each packet of information sent from one computer to another is treated a certain time.
If at the same time on the computer enters another request, the package becomes "all" and takes a certain amo
DDoS-attack - a kind of DoS-attacks. Distributed Denial of Service - «distributed denial of service" - organized with the help of a very large number of computers, so that the attack may be exposed to a server, even with very high bandwidth Internet channel.Sometimes the effect
DDoS-attacks "triggered" by accident.This happens if, for example, a site located on a server, the reference was set in a popular Internet resource.This causes a powerful surge in site traffic ( spleshdot effect ), which operates similarly to the server DDoS-attack.
DDoS-attacks, in contrast to a DoS-attacks, often carried out for commercial gain, as for the organization of DDoS-attacks need hundreds of thousands of computers, and such enormous material and time costs can afford not everyone.For the organization of DDoS-attacks hackers use a special network of computers - botnet .
botnet - a network of infected special type of virus kompyuterov- «zombie» .Every so an attacker can control your computer remotely, without the knowledge of the computer owner.With the help of a virus or a program cleverly masquerading as "useful content" on the victim computers installed malicious code that is not recognized Antivirus and works in "stealth mode".At the right moment for the team owner of the botnet, such a program is activated and begins to send to the target server.
During the DDoS-attacks attackers often use «cluster DDoS» - a special three-tier network architecture computers.This structure contains one or more management console , being directly fed signal DDoS-attack.
signal is transmitted to the host computers - «transmitter link" between the management console and PC agents. Agents - are computers directly attacking its server requests.And the host computer and computers agents - is usually "zombie", i.e.their owners are not aware that they are members of DDoS-attacks.
methods of protection from DDoS-attacks are different depending on the type of the attack.Among DDoS-attacks are the following types:UDP flood - the attack by sending to the address of "victim" of a set of packages UDP;TCP flood - the attack by sending to the address of "victim" of a set of packages TCP;TCP SYN flood - an attack by a large number of requests mandrel to initialize TCP-connections;ICMP flood - attack by ping requests ICMP.
Attackers can combine these and other types of DDoS-attacks, which makes such an attack even more dangerous and intractable.
Unfortunately, universal methods of protection from DDoS-attacks there .But the observance of some common rules will help reduce the risk of DDoS-attacks or as efficiently as possible to deal with its consequences.
So, to prevent DDoS-attacks is necessary to constantly monitor the underlying vulnerability in the used software to build resources and to disperse them.Be sure your computer must be set at least a minimum package of protection against DDoS.It may be conventional firewalls (firewalls) and special anti-DDoS software. To detect DDoS-attacks must use special hardware and software systems.