Why DoS and DDoS attacks are the plague of the Internet
DoS和DDoS攻击为什么是Internet的灾难
by Jonathan Yarden
作者:Jonathan Yarden
翻译:endurer 2005.11.08 第1版
Keywords: Internet | Security threats | IDS (Intrusion Detection Systems) | Security management
关键字:Internet | 安全威胁 | IDS (入侵检测系统) | 安全管理
英文来源:http://techrepublic.com.com/5100-1009_11-5933394.html?tag=nl.e044
Takeaway:
DoS and DDoS attacks are not a new threat—they've been terrorizing the Internet for years. But after all these years, we're still no closer to learning how to deal with this problem. Jonathan Yarden weighs in on the threat of DoS and DDoS attacks.
概述:
DoS和DDoS攻击不是新威胁—它们已经恐吓Internet有些年头了。但经过这些年后,我们仍然没有倾向于学习如何处理这个问题。Jonathan Yarden为DoS和DDoS把脉。
《endurer注:
1。close to adv. 接近于, 在附近
2。deal with v. 安排, 处理, 涉及, 做生意
3。weigh in v. 参加, 称重量, 比赛前量体重》
Several years ago, I worked at a small Web site hosting company, where I first encountered the confusion and havoc caused by a denial-of-service (DoS) attack. On one occasion, after several hours of being unable to access the Internet, customers no longer cared what the problem was—they just wanted it fixed.
几年前,我在一家小的网站主机服务公司工作,在那儿我第一次遇到了拒绝服务攻击(denial-of-service,DoS)引起的混乱和破坏。有一个时候,在数小时不能访问Internet后,客户们不再关心问题是什么—他们只想着修复。
《endurer注:
1。havoc n. 大破坏, 浩劫 vt. 严重破坏
2。on one occasion 曾经, 有一个时候》
I determined that the traffic was HTTP requests, so I focused on checking Web servers. We hosted a number of popular Web sites, and I checked these first.
我断定流量是HTTP请求,所以我集中检查Web服务。我们为许多的的受欢迎的网站提供主机服务,我首先检查了它们。
《endurer注:
1。focus on 集中
2。a number of 许多的》
The size of one Web server log file was considerably larger than any of the others by several orders of magnitude. And one solitary IP address was requesting the same URL over and over again. While the Web server itself was operating fine, the traffic was saturating our 1.5-Mbps T1 Internet circuit and cutting off customers.
一个Web服务器的log文件的大小比其它的大出若干兆(magnitude)。一个单独的IP地址一再地请求同一个URL。当Web服务器自身操作时,流量达1.5-Mbps T1 Internet线路,并断绝了客户。
《endurer注:
1。order of 约为,大约
2。over and over again 一再地
3。fine vt. 罚款, 精炼, 澄清 adv. <口>很好, 妙, [常用于构成复合词]细微地,精巧地
4。cut off 切断, 断绝, 剥夺继承权》
To identify where the flood was coming from, I used Nslookup and found the domain name for the IP address causing the problem, which WHOIS resolved to another local hosting company. After several phone calls to the competitor's technical support number and a lengthy discussion with several technical staff members, the flood of traffic finally stopped.
为了明确洪水来自何处,我使用了Nslookup(endurer注:Nslookup用于查询DNS中的各种数据),发现了造成问题的IP地址的域名,其WHOIS解析到另一家本地主机服务公司。在几次拔打这个竞争者的技术支持电话号码,并与几名技术职员长时讨论后,流量洪水最终停止了。
I never received a clear answer about what happened to knock us offline. But the company folded during the dot-com crash, and a former technical support staff member later told me the attack was intentional—a conclusion I had already come to myself.
我没有收到关于是发生了什么导致我们离线的答案。但是该公司在.com泡沫破裂时歇业了,一个以前的技术支持职员后来告诉我,攻击是故意的—我自已已经想到的结论。
《endurer注:
1。happen to 发生在...人身上
2。come to 达到, 继承, 复苏, 停止;想起》
Unfortunately, DoS attacks have evolved into much more than one company trying to cause problems for another. With broadband access almost ubiquitous, there are no longer "simple" DoS attacks.
不幸地是,DoS攻击已经发展进化成不只一个公司试图给其他公司造成麻烦。随着宽带访问几乎无处不有,不再存在“简单的”DoS攻击了。
《endurer注:
1。evolve into 发展[进化]成
2。more than ph.多于;在...次以上;不只...
3。no longer 不再》
As we've seen, compromised broadband hosts under remote control can knock out even the biggest Internet companies, including Google and Microsoft. Writers of malicious code know that the majority of broadband computers are poorly maintained, making them ripe targets to install Trojan programs to later use for remote control as a group.
如我们所见,远程控制下缺乏抵抗力的宽带主机甚至可以使最大的Internet公司,包括google和微软,筋疲力竭。恶意代码的作者知道极大多数的宽带网络公司缺乏维护,使他们对成熟的目标安装木马程序留待后用作一个远程控制组。
《endurer注:
1。knock out 敲空, 击倒, 打破, 破坏, 使筋疲力竭》
These days, the number-one threat to the Internet as a whole is the targeted distributed DoS (DDoS) attack, which uses vast armies of compromised broadband computers. Fighting a DDoS attack is like trying to swim up Niagara Falls.
目前,整个Internet排在首位的威胁是分布式拒绝服务(distributed DoS,DDoS)攻击,该攻击使用大量的大群缺乏抵抗力的宽带计算机。与DDoS攻击作战就像试图游上尼亚加拉瀑布。
《endurer注:
1。these days 现在, 目前
2。as a whole 总体上》
Most Internet companies, even those staffed with the best IT pros, can do little to abate a DDoS flood without a lot of work and assistance from upstream ISPs. And non-Internet companies generally have no idea when they're under attack—they often don't even know what's going on.
大多数Internet公司,甚至那些拥有最好的IT专家的,没有大量工作和上游ISP的协助,可以对DDoS洪水做些许缓和。非Internet公司在受到攻击时,通常一筹莫展—他们甚至经常不知是怎么回事。
The writers of DDoS attacks know this all too well. There are already documented cases of extortion using the threat of DDoS attacks. Stopping and recovering from a DDoS attack takes time, money, and a skilled staff.
DDoS攻击的作者对此了若指掌。已经有利用DDoS攻击威胁的敲诈的文献记录。停止DDoS攻击并恢复花费了时间,资金和人力。
DoS and DDoS attacks are not a new threat; they've been terrorizing the Internet for years. And yet, only a few vendors offer products that can help defend networks from DoS attacks, and even those tools can't withstand a sustained DDoS attack.
DoS和DDoS攻击不是新威胁:它们已经恐吓Internet有些年头了。然而,只有一些供应商提供能帮助网助抵御DoS攻击的产品,甚至这些工具不能抵挡相同的DDoS攻击。
Denial of service is the new plague of the Internet—just ask Google and Microsoft. But after all these years, we're still no closer to learning how to deal with this problem.
DoS和DDoS攻击是Internet的新灾难-就问Google和微软就够了。但经过这些年后,我们仍然没有倾向于学习如何处理这个问题。
DDoS attacks are on the rise. And unfortunately, while most organizations won't necessarily be a target for attacks, they'll still be a victim of their effects.
DDoS攻击在上升。并且不幸的是,尽管大多数组织机构不必成为攻击的对象,但将成为牺牲品。
分享到:
相关推荐
这文档主要讲解DoS与DDoS攻击原理以及对于安全人员如何来进行防范这种攻击
DoS和DDoS的攻击方法解析教你如何攻防
1.7 没有设置任何标志的TCP报文攻击 正常情况下,任何TCP报文都会设置SYN,FIN,ACK,RST,PSH五个标志中的至少一个标志,第一个TCP报文(TCP连接请求报文)设置SYN标志,后续报文都设置ACK标志。有的协议栈基于...
应对DoS,DDoS攻击的十条军规.。。。。。。。。。。。。。。。。
Linux下DoS和DDoS攻击的防范.pdf
Dos ddos 网络攻击原理及其实现
那么什么是Dos和DdoS呢?DoS是一种利用单台计算机的攻击 方式。而DdoS是一种基于DoS的特殊形式的拒绝服务攻击,是一种分布、协作的大规模攻击方式,主要瞄准比较大的站点。如果说以前网络管理员对抗Dos可以采取过滤IP...
很多企业网站和个人网站都不止一次地遭遇过DoS/DDoS攻击,由此也积累了一些“亡羊补牢”的经验。下面列出的就是笔者收集的十个预防、应对DoS/DDoS攻击的有效方法
假DDos攻击演示 假DDos攻击演示 假DDos攻击演示 假DDos攻击演示假DDos攻击演示 假DDos攻击演示
愈演愈烈的拒绝服务(Denial of Service,DoS)攻击带来的最大危害是服务不可达而 导致业务丢失,而且,这样的危害带来的影响,在攻击结束后的很长一段时间内都无法消弥。 对于像eBay 或者Buy.com 这样的电子商务...
这就是为什么DDOS类的攻击总能胜利击溃网站或支付系统的原因。 Yordanov解释说:由于DDOS攻击所采用的访问请求很难与正常访问请求区别开,最近在接受ZDnet采访时。因此保守的防御系统,比方入侵预防系统或入侵检测...
DDoS 是英文 Distributed Denial of Service 的缩写,意即“分布式拒绝服务”
ddos攻击分析案例,分析相当精辟,简单易懂,欢迎下载。
根据DDoS攻击发生时网络中的流量特性和IP熵特性,建立了相应的流量隶属函数和IP熵隶属函数,隶属函数的上下限参数通过对真实网络环境仿真得到。提出了基于流量和IP熵特性的DDoS攻击检测算法,先判断流量是否异常,再...
论文对入侵检测和入侵防御技术、DDoS攻击系统的概念和基本原理、用户信任管理体系和信任分类的知识进行了简要分析,从而为建立基于用户信任值的一种检测和防御DDoS攻击模型打下基础。
TCP(ddos攻击研究
被ddos攻击状态显示
DDoS攻击是一种很简单但又很有效的进攻方式,攻击方式层出不穷。我们开发攻击防御系统,保障业务在被攻击时不受影响。本次演讲分享14年12月份,我们是如何防御453.8Gbps全球互联网最大攻击。 1、攻击防御过程是怎么...