Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News
SYS-CON.TV
Cloud Expo & Virtualization 2009 East
PLATINUM SPONSORS:
IBM
Smarter Business Solutions Through Dynamic Infrastructure
IBM
Smarter Insights: How the CIO Becomes a Hero Again
Microsoft
Windows Azure
GOLD SPONSORS:
Appsense
Why VDI?
CA
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
ExactTarget
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun
Sun's Incubation Platform: Helping Startups Serve the Enterprise
POWER PANELS:
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts
An Overview of DDoS Attacks | @CloudExpo #Cloud #Security #DataCenter
Cloud computing provides access to multiple virtual machines with many having unique public facing IP addresses

Powerful Denial of Service attacks are becoming increasingly common. A Distributed Denial of Service attack is when the attacker uses multiple machines to flood the resources of the target to overwhelm it and deny the legitimate users access to the service. The DDoS attack on Dyn in October 2016 was one of most powerful attacks in history. Many DDoS attacks can be thwarted to a large extent by increasing the system’s capacity during an attack, but that is not a solution because it still causes monetary losses.

DDoS attacks typically employ three methods:

  1. Finding a vulnerability in the victim’s service
  2. Finding an endpoint in the victim’s service that is computationally heavy (for example, a login system that uses a slow hashing algorithm) but without a rate limit and abusing it
  3. Depleting the available bandwidth of the victim’s service

Cloud computing provides access to multiple virtual machines with many having unique public facing IP addresses. These virtual machines, however, are a goldmine of “zombies” for an attacker. Attackers are always doing automated scans on the internet for easily exploitable machines and put them to use as “zombie machines” in an attack. These machines form a part of botnets, which are available for lease in the dark web for anyone willing to go down that path! Botnets as a Service (BaaS?) are a reality now.

Cloud providers are very active in taming these bots. They lock down any virtual machine that exhibits abnormal behavior. Such botnets are hard to detect though, because they can remain dormant for a long time and take turns in collaborative attacks, thus never raising any suspicions towards their behavior. The idea is to find machines with known vulnerabilities. It is absurd that so many machines are still left open in the wild to be exploited.

Some scan strategies employed by attackers are:

  1. Random scan: In this strategy, many hosts scan the whole IPv4 address space. IPv6 space is protected from this type of scan since it is too large to operate on effectively.
  2. Hitlist scan: This scan works on a list of machines that the attacker wants to pwn. When a vulnerable machine is detected and pwned, the attacker sends a part of the list to that machine to operate on.
  3. Route-based scan: This type of scan uses BGP routing prefixes to reduce the address space.
  4. Divide and Conquer scan: In this strategy, different hosts act on different parts of the address space.
  5. Topological scan: This scan uses the information on the compromised host to select new targets. All email worms work in this way by exploiting the address books.
  6. Local Subnet scans: This type of scans use any of the above defined techniques to find out vulnerable machines in the local network of a compromised host. This is effective when all machines in the subnet do not have a publicly accessible IP address and thus cannot be attacked directly.

It is also important to make a distinction between the hosts and the victims in a DDoS attack, because sometimes the hosts themselves are the ones attacked. While hosts are usually used as “zombies” in DDoS attacks, they can be the victims themselves. While having control over a host, the attacker can:

  1. Use fork() bombs, in which a process is made to replicate itself continually until the machine freezes up
  2. Intentionally generate errors to fill up the logs and thus, depleting the disk space to cause the application to crash
  3. Execute a simple shutdown, taking that node down.

DDoS attacks are becoming a menace. As difficult as it is, safeguarding their web services against such attack should be a top priority of any sysadmin. Several steps can be taken to mitigate them, like subscribing to more bandwidth, upstream blackholing or using a third-party frontline defense like Cloudflare.

About Harry Trott
Harry Trott is an IT consultant from Perth, WA. He is currently working on a long term project in Bangalore, India. Harry has over 7 years of work experience on cloud and networking based projects. He is also working on a SaaS based startup which is currently in stealth mode.

Latest Cloud Developer Stories
As Cybric's Chief Technology Officer, Mike D. Kail is responsible for the strategic vision and technical direction of the platform. Prior to founding Cybric, Mike was Yahoo's CIO and SVP of Infrastructure, where he led the IT and Data Center functions for the company. He has more...
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance acros...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging ...
"MobiDev is a Ukraine-based software development company. We do mobile development, and we're specialists in that. But we do full stack software development for entrepreneurs, for emerging companies, and for enterprise ventures," explained Alan Winters, U.S. Head of Business Deve...
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 ...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021



SYS-CON Featured Whitepapers
ADS BY GOOGLE