Denial of Service Attack

Imagine a group of junior high school kids who decide to play a prank on their least favorite teacher. They agree that they will all call the teachers phone, as quickly as they can dial, non-stop, until he unplugs the phone in frustration.

When this happens using the Internet rather than telephones, its called a Denial of Service attack. Such attacks are designed to either keep the target system so busy handling the attack that it cant get anything else done, or to overwhelm it into shutting down completely.

Why should anyone but a system administrator worry about denial of service attacks? Users need to be aware of something called a BotNet.

The MyDoom virus was one of the first viruses to attempt two levels of attack. First, the virus would try to spread. On infection, though, it would insert a second program into the system. Basically, on MyDooms trigger date (February 1st, 2004), any infected system would launch a denial of service attack against MyDooms real target.

The virus tried to establish a collection of computers that would all launch attacks on the same day. This collection is a botnet, and in the years since MyDoom pioneered the concept, literally dozens of programs have expanded on the idea.

A popular program in use today is Stacheldraht. Stacheldraht is the master program, and it manages a collection of handler computers. Each of these handlers can control up to a thousand zombie computers around the world. The hacker with the Stacheldraht master says attack this server, the handlers pass the word along, and thousands of systems instantly change from peaceful home computers into remote-controlled computer attackers..

Sure, it sounds like a line from a bad horror movie, but its true. Users need to keep their systems from becoming one of Stacheldrahts zombies.

< Back To Malware Next Previous