DDoS, DoS, Security

DRDoS – Denial of Service on Steroids

DDoS is one of the oldest and most used forms of “internet protesting” in the book, its used thousands of times a day all around the world.  For those who do not know, DDoS stands for Distributed Denial of Service, otherwise meaning a shit tonne of attackers pelting a poor server with millions of packets until said server cannot cope any more and, well, denies service.

Normally if you would like to carry out a DDoS attack you would have to either build a botnet of thousands infected computers or devices, or use a pay-for-hire DDoS service which you can find in one Google search. This is great in all for the common criminal, but building a botnet takes time and skill and pay-for-hire services are costly and mostly useless.

What most people don’t know is that some of the largest attacks ever recorded in internet history were only most likely using a few, maybe 50 machines at most to attack with. This is made possible due to term “Amplification” or “DRDoS” (Distributed Reflection Denial of Service) in which the attackers turn a small request into a much larger one by using open internet resolvers that anyone can use.

Continue reading “DRDoS – Denial of Service on Steroids” »