DoS和DDoS攻击为什么是Internet的灾难

Why DoS and DDoS attacks are the plague of the Internet
DoS和DDoS攻击为什么是Internet的灾难

by Jonathan Yarden

作者：Jonathan Yarden
翻译：endurer 2005.11.08　第1版

Keywords: Internet | Security threats | IDS (Intrusion Detection Systems) | Security management

关键字：Internet | 安全威胁 | IDS (入侵检测系统) | 安全管理

英文来源：http://techrepublic.com.com/5100-1009_11-5933394.html?tag=nl.e044

Takeaway:
DoS and DDoS attacks are not a new threat—they've been terrorizing the Internet for years. But after all these years, we're still no closer to learning how to deal with this problem. Jonathan Yarden weighs in on the threat of DoS and DDoS attacks.

概述：
DoS和DDoS攻击不是新威胁—它们已经恐吓Internet有些年头了。但经过这些年后，我们仍然没有倾向于学习如何处理这个问题。Jonathan Yarden为DoS和DDoS把脉。

《endurer注：
1。close to adv. 接近于, 在附近
2。deal with v. 安排, 处理, 涉及, 做生意
3。weigh in v. 参加, 称重量, 比赛前量体重》

Several years ago, I worked at a small Web site hosting company, where I first encountered the confusion and havoc caused by a denial-of-service (DoS) attack. On one occasion, after several hours of being unable to access the Internet, customers no longer cared what the problem was—they just wanted it fixed.
几年前，我在一家小的网站主机服务公司工作，在那儿我第一次遇到了拒绝服务攻击（denial-of-service，DoS）引起的混乱和破坏。有一个时候，在数小时不能访问Internet后，客户们不再关心问题是什么—他们只想着修复。

《endurer注：
1。havoc n. 大破坏, 浩劫 vt. 严重破坏
2。on one occasion 曾经, 有一个时候》

I determined that the traffic was HTTP requests, so I focused on checking Web servers. We hosted a number of popular Web sites, and I checked these first.
我断定流量是HTTP请求，所以我集中检查Web服务。我们为许多的的受欢迎的网站提供主机服务，我首先检查了它们。

《endurer注：
1。focus on 集中
2。a number of 许多的》

The size of one Web server log file was considerably larger than any of the others by several orders of magnitude. And one solitary IP address was requesting the same URL over and over again. While the Web server itself was operating fine, the traffic was saturating our 1.5-Mbps T1 Internet circuit and cutting off customers.
一个Web服务器的log文件的大小比其它的大出若干兆（magnitude）。一个单独的IP地址一再地请求同一个URL。当Web服务器自身操作时，流量达1.5-Mbps T1 Internet线路，并断绝了客户。

《endurer注：
1。order of 约为,大约
2。over and over again 一再地
3。fine vt. 罚款, 精炼, 澄清 adv. <口>很好, 妙, [常用于构成复合词]细微地,精巧地
4。cut off 切断, 断绝, 剥夺继承权》

To identify where the flood was coming from, I used Nslookup and found the domain name for the IP address causing the problem, which WHOIS resolved to another local hosting company. After several phone calls to the competitor's technical support number and a lengthy discussion with several technical staff members, the flood of traffic finally stopped.
为了明确洪水来自何处，我使用了Nslookup（endurer注：Nslookup用于查询DNS中的各种数据），发现了造成问题的IP地址的域名，其WHOIS解析到另一家本地主机服务公司。在几次拔打这个竞争者的技术支持电话号码，并与几名技术职员长时讨论后，流量洪水最终停止了。

I never received a clear answer about what happened to knock us offline. But the company folded during the dot-com crash, and a former technical support staff member later told me the attack was intentional—a conclusion I had already come to myself.
我没有收到关于是发生了什么导致我们离线的答案。但是该公司在.com泡沫破裂时歇业了，一个以前的技术支持职员后来告诉我，攻击是故意的—我自已已经想到的结论。

《endurer注：
1。happen to 发生在...人身上
2。come to 达到, 继承, 复苏, 停止；想起》

Unfortunately, DoS attacks have evolved into much more than one company trying to cause problems for another. With broadband access almost ubiquitous, there are no longer "simple" DoS attacks.
不幸地是，DoS攻击已经发展进化成不只一个公司试图给其他公司造成麻烦。随着宽带访问几乎无处不有，不再存在“简单的”DoS攻击了。
《endurer注：
1。evolve into 发展[进化]成
2。more than ph.多于；在...次以上；不只...
3。no longer 不再》

As we've seen, compromised broadband hosts under remote control can knock out even the biggest Internet companies, including Google and Microsoft. Writers of malicious code know that the majority of broadband computers are poorly maintained, making them ripe targets to install Trojan programs to later use for remote control as a group.
如我们所见，远程控制下缺乏抵抗力的宽带主机甚至可以使最大的Internet公司，包括google和微软，筋疲力竭。恶意代码的作者知道极大多数的宽带网络公司缺乏维护，使他们对成熟的目标安装木马程序留待后用作一个远程控制组。

《endurer注：
1。knock out 敲空, 击倒, 打破, 破坏, 使筋疲力竭》

These days, the number-one threat to the Internet as a whole is the targeted distributed DoS (DDoS) attack, which uses vast armies of compromised broadband computers. Fighting a DDoS attack is like trying to swim up Niagara Falls.
目前，整个Internet排在首位的威胁是分布式拒绝服务（distributed DoS，DDoS）攻击，该攻击使用大量的大群缺乏抵抗力的宽带计算机。与DDoS攻击作战就像试图游上尼亚加拉瀑布。

《endurer注：
1。these days 现在, 目前
2。as a whole 总体上》

Most Internet companies, even those staffed with the best IT pros, can do little to abate a DDoS flood without a lot of work and assistance from upstream ISPs. And non-Internet companies generally have no idea when they're under attack—they often don't even know what's going on.
大多数Internet公司，甚至那些拥有最好的IT专家的，没有大量工作和上游ISP的协助，可以对DDoS洪水做些许缓和。非Internet公司在受到攻击时，通常一筹莫展—他们甚至经常不知是怎么回事。

The writers of DDoS attacks know this all too well. There are already documented cases of extortion using the threat of DDoS attacks. Stopping and recovering from a DDoS attack takes time, money, and a skilled staff.
DDoS攻击的作者对此了若指掌。已经有利用DDoS攻击威胁的敲诈的文献记录。停止DDoS攻击并恢复花费了时间，资金和人力。

DoS and DDoS attacks are not a new threat; they've been terrorizing the Internet for years. And yet, only a few vendors offer products that can help defend networks from DoS attacks, and even those tools can't withstand a sustained DDoS attack.
DoS和DDoS攻击不是新威胁：它们已经恐吓Internet有些年头了。然而，只有一些供应商提供能帮助网助抵御DoS攻击的产品，甚至这些工具不能抵挡相同的DDoS攻击。

Denial of service is the new plague of the Internet—just ask Google and Microsoft. But after all these years, we're still no closer to learning how to deal with this problem.

DoS和DDoS攻击是Internet的新灾难－就问Google和微软就够了。但经过这些年后，我们仍然没有倾向于学习如何处理这个问题。

DDoS attacks are on the rise. And unfortunately, while most organizations won't necessarily be a target for attacks, they'll still be a victim of their effects.

DDoS攻击在上升。并且不幸的是，尽管大多数组织机构不必成为攻击的对象，但将成为牺牲品。