What Is DDoS and How Can You Protect Yourself?


There are times when a service you regularly use goes down or experiences severe stability issues for a prolonged period, from several hours to several days. Many of these are the result of distributed denial of service (DDoS) attacks by malicious parties. In case you’re wondering what they are and how they affect you, we’ll delve into that and also show you how you can protect yourself from unwittingly becoming part of the problem.


What Are “DoS” and “DDoS”?

DoS and DDoS are both attacks carried out against a particular computer or server, and they usually end up hurting other devices on the same network. Both of these attacks have one thing in common: They flood the destination server with connection requests and/or data.

The goal of both DoS and DDoS attacks is to overwhelm the server with so much data that it will simply stop accepting new connections or crash the software running on it. When a server is overwhelmed in this fashion, people trying to access it will experience connection timeouts and unstable connections.

This will manifest in a variety of ways that are noticeable to you:

  • If the server hosts a website, it will either fail to load or do so a lot more slowly. Other websites will work just fine, meaning it has nothing to do with your own connectivity.
  • Once the website loads, some assets will either refuse to load, provide errors, or load very slowly.
  • If you’re on a live service, like a game or an app, there will be massive delays in your response time. Games with positions rendered server-side, like most PvP or MMORPG games, will experience severe rubber-banding and delays for actions that require a single button press.

DDoS and DoS are very similar in their intent to cause outages of essential services from a particular node on a network. Where they differ is in the number of computers attacking.

DoS, or Denial of Service, attacks are carried out by one single computer.

DDoS, or Distributed Denial of Service, attacks are carried out by multiple computers, usually in the range of thousands to millions. Usually, the computers attacking have no idea that they’re doing so. They are also unwitting victims of the attack.

Both attacks can be dangerous, but DDoS is the more dangerous of the two.

Methods of Execution

DoS attacks are very simple. They involve only one endpoint flooding another endpoint with packets of data in hopes of seizing it up. Usually this is done with a script that either sends a constant stream of packets to an open port on a system or takes advantage of vulnerabilities in a protocol to overwhelm unsecured ports.

DDoS attacks are much more sophisticated and are often carried out by botnets. A botnet is a group of computers that have been infected by malware that allows a central hub to control them remotely.

These hubs would often take the form of hidden chat rooms in IRC networks, although some botnets today can operate using more modern protocols like Matrix or XMPP. After the computers have all connected to the terminal, the hacker commands all of them to flood the target machine.


Sometimes, this involves thousands of computers, all pouring the full brunt of their bandwidth into one server. This poses an extreme risk, especially in the modern day, since bandwidth is cheap enough that a large enough number of personal computers worldwide are hooked up to connections that can match some web servers in power.

How Does DDoS Affect You?

There are two ways to be a victim of a DDoS attack: Your computer can either be infected with a virus that forces you into a botnet, or you can be the target of a DDoS attack.


If you’re on your personal computer, you’ll usually only have the former to worry about. You’ll notice your computer is being used as a botnet zombie through some of the following signs:

  • Your computer may be ramping up its CPU fan much more than usual, even when you’re idle. When you check your task manager, the CPU statistics show significant usage from applications you do not normally recognize.
  • Applications take longer to load.
  • Your task manager is showing a large amount of network usage even after you close applications that make use of the Internet.
  • Your IP shows up on the database of Kaspersky’s IP scanner or Capture Labs’ IP reputation lookup.
  • When connecting to live-service games, your ping climbs higher than usual even when connecting to local servers.

How to Protect Yourself from DDoS

Service providers protect themselves from DDoS attacks by outsourcing the job to specialized DDoS mitigation services that employ load balancing and various other techniques to minimize the impact of attacks.

To prevent becoming a part of this arms race, make sure that you follow a few simple steps:

  • Keep your system up to date so that it is as hardened as possible against attacks.
  • Do not click through dialogs in which an application asks for permission to use your computer without first finding out why it wants root access.
  • Practice safe browsing techniques and avoid shady websites.
  • Do not open links you do not recognize, even in messages from people you trust, until you’ve thoroughly determined that they’re safe to browse.
  • Avoid opening email attachments unless you trust the source of the message.

What if You’re Infected With a DDoS Virus?

Although software firewalls are very effective at stopping malicious traffic from penetrating your network, they still need your input to do so. If you accidentally add a virus to the firewall’s acceptance rules, then you’ve invalidated its purpose.

Check to see what programs you’ve listed as exceptions. If any of them look suspicious, do a quick search on the web to determine whether it’s something you should remove from your rule set.
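The exception review described above can be scripted. This is an added example, not part of the original article: it assumes Windows with the built-in Defender Firewall cmdlets (NetSecurity module) and an elevated PowerShell session, and the list of user-writable folders is an assumption chosen for illustration.

```powershell
# Added example: list enabled inbound "allow" rules and flag the ones worth a closer look.
# Folders any unprivileged process can write to (assumed list for this example).
$userWritable = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC,
                  (Join-Path $env:USERPROFILE 'Downloads')) | Where-Object { $_ }

$findings = foreach ($rule in Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True) {
    $filter = $rule | Get-NetFirewallApplicationFilter
    # Rules that name no specific executable are out of scope for this check.
    if (-not $filter.Program -or $filter.Program -in 'Any', 'System') { continue }

    # Rules often store paths such as %SystemRoot%\system32\svchost.exe.
    $path = [Environment]::ExpandEnvironmentVariables($filter.Program)
    $reasons = @()

    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        # A stale exception would apply to whatever is later placed at that path.
        $reasons += 'program file no longer exists'
    } else {
        $sig = Get-AuthenticodeSignature -LiteralPath $path
        if ($sig.Status -ne 'Valid') { $reasons += "signature status: $($sig.Status)" }
    }
    foreach ($dir in $userWritable) {
        if ($path.StartsWith($dir, [StringComparison]::OrdinalIgnoreCase)) {
            $reasons += "runs from user-writable location $dir"
            break
        }
    }

    if ($reasons) {
        [pscustomobject]@{
            Rule    = $rule.DisplayName
            Program = $path
            Why     = $reasons -join '; '
        }
    }
}

# One row per program/rule pair; an empty table means nothing was flagged.
$findings | Sort-Object Program, Rule -Unique | Format-Table -AutoSize -Wrap
```

A flagged rule is a prompt for the web search mentioned above, not a verdict: plenty of legitimate programs are unsigned or install under the user profile.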

In general, keeping whatever antivirus you use up to date will stop things like these from happening. Rare exceptions, of course, exist (like “zero-day” viruses). However, there’s always a very short window between their existence and a patch that can get rid of them.

Don’t Let Yourself Become an Attack Vector

By arming yourself with this knowledge, you can make sure that your computer isn’t unknowingly being used for illegal activities. It’s very important that you eliminate these threats from your system, as being part of a botnet could make certain web services like your search engine treat your traffic as suspicious and block you at least until you change your IP address.

If you encounter a particularly sticky virus, try some of these tips to help you eliminate it without depending on the automated processes that your antivirus software provides.



Miguel Leiva-Gomez

Miguel has been a business growth and technology expert for more than a decade and has written software for even longer. From his little castle in Romania, he presents cold and analytical perspectives to things that affect the tech world.
