Please enable / Por favor activa JavaScript!
Por favor activa el Javascript![ ? ]
Tools and resources to optimize SEO of your web:

SEMrush

El artículo con ID 1354, con web https://www.exabyteinformatica.com/tienda/foro/21-10-2016-ddos-attack-that-knocked-twitter-whatsapp-t1354.html y con una longitud de 110 caracteres, ha sido cargada con éxito. Para poder acceder a los sub-foros o temas, pulsa en el título de cada enlace de la lista de esta página (el título que aparece junto al mushroom). Recuerda que en algunas páginas hay un selector de registros situado en la parte inferior que te permitirá saltar a más páginas.Para poder comentar en este foro o en el resto de exaforo, préviamente a poder escribir tus comentarios tienes que registrarte, tranquil@ es y será siempre GRATIS.

Registrándote aceptas haber leído y estar de acuerdo con las Normas generales del foro. No cuesta nada agradecer un comentario de alguien o de no insultarle, el respeto es el valor más preciado que intentamos fomentar. Si detectamos cualquier actitud poco respetuosa hacia a algún miembro, tu cuenta será cancelada. Así mismo, si algún miembro tiene una actitud irrespetuosa hacia ti, su cuenta será igualmente cancelada.

Cuando decidas escribir para nosotr@s, por favor, no copies y pegues contenido que ya exista en otra página web o que ya sea de otro usuario. Ten en cuenta que si detectamos contenido duplicado, el sistema anti-spam procederá a borrarlo sin prévio aviso.

Finalmente, y no por eso menos importante, queremos desde todo el equipo humano que formamos Exaforo, desearte una muy feliz y productiva estancia en nuestro dominio. Disfruta, aprende y comparte...

¡Muchas gracias por dedicarnos unos minutos y disfruta mucho con nuestra comunidad!

Datos internos informativos (No hagas caso de estos datos, son para los administradores de Exaforo)

Fecha y hora de carga de esta página: 20/112017 a las 21:56:29
Memória total usada: 7484016

¿Por qué aparece el logo de Paypal en los temas? ¿Cobra Exaforo por usar su foro? No cobramos por usar el foro y el logo de Paypal es el de las donaciones. Tener en marcha un servidor 24/365, costear el hosting, los certificados digitales SSL, nuestros equipos…todo esto conlleva un coste que tratamos de sufragar mediante las donaciones. Nuestra aportación, cuando adquirimos equipos nuevos, consiste en donar nuestros viejos equipos a centros educativos con pocos recursos para que su alumnado (la mayoría niños) puedan desempeñar las asignaturas de tecnología y el centro pueda cubrir unos pocos puntos de trabajo. Tus donaciones no solo nos ayudan a nosotros sino también a los niños de las escuelas. Por eso es tan importante, porque a pesar que nosotros fomentamos el conocimiento libre, las herramientas para desempeñar dicho trabajo no lo son.

Más abajo verás un botón con el logo de Paypal. Si haces clic en el botón, te llevará a la página oficial de Paypal, allí dentro, con tu cuenta de Paypal, puedes hacer la donación del importe que tú quieras. Nosotros no pedimos un mínimo, puedes donar 1 céntimo de € si quieres o la cantidad que tú quieras. Si donas o no donas, solo te diremos una cosa: ¡Muchas gracias por habernos leído hasta aquí!

21/10/2016: DDOS attack that knocked Twitter, WhatsApp...  21/10/2016: DDOS attack that knocked Twitter, WhatsApp...

Valoración de éste post
4.57 / 5 de 471 votos



Mensajes: 945


Puntos totales:

Enhorabuena!

32





El contenido de este artículo o información está sujeto a una licencia Creative Commons BY (CC-BY), puedes divulgar públicamente este contenido pero deberás hacer mención del autor: Kernel e indicar la dirección web de esta página: https://www.exabyteinformatica.com/tienda/foro/21-10-2016-ddos-attack-that-knocked-twitter-whatsapp-t1354.html

The content of this article or any related information is under the Creative Commons license BY, you can republish this content freely but you must mention the author of this article: Kernel and indicate the URL of this page: https://www.exabyteinformatica.com/tienda/foro/21-10-2016-ddos-attack-that-knocked-twitter-whatsapp-t1354.html

Bajo licencia de Creative Commons


DDOS attack that knocked Twitter, WhatsApp and alerted the world

Internet has gotten into our lives in full for a few years is a clear thought today. Family and friends communicate by social networking services daily, much more even than in the physical world without smartphones and data connections. And yesterday (21st of October of 2016), many of them were aware of how much you need it.

They were realized that didn't work on Twitter, and therefore the haters could not be vent. They realized that didn't WhatsApp, and therefore not memes, they could move but not running NetFlix and could not put the girls to Masha and the bear so that they would be calm or listen to music on Spotify while it was running.

The list of services - the mass - which were affected was long. XBOX, Twilio, Paypal, Play Station Network and CNN also were among those affected. And then yes, then the world beyond those who know what is an IPv4 address or an IPv6 address began to ask... What's going on here? What has happened that it is really affecting my life?

The answer was so simple, as difficult to understand people. It was a massive DDOS attack on DNS servers of one of the companies that support many of these servers and many users. An attack against the request of name resolution that cut the contact between clients and service providers. Already, do not operate the DNS and the Internet infrastructure begins to fail.

The DNS on the Internet

The DNS are a key element in the infrastructure of the Internet is something we know from a long time ago. If they are attacked by a DDOS and cannot resolve domain names connectivity finished but already in the past we have seen other failures as the of Dan Kaminsky, who could have knocked down all those services as well as modifying the values of the responses to IP addresses.

Internet was not born thinking in all these attacks, and many services have evolved their operational adding layers of security on the original standards, as it is the case with the DNS, but still not added globally on all servers, where very few used today, for example, DNSEC to sign the resolutions of the given values. Against a DDOS attack the problem lies not in the DNS service, but the network itself.

Suppose the case of a denial of service against the website of a company attack. If an opponent have a DDOS, HTTP-level can be a Cloud ahead that filter the attacking bots of the users legitimate, as it does for example CloudFlare, but if done to services DNS must be the routers processing TCP or UDP requests about coming requests DNS resolution which discriminate if that request comes from a legitimate machine or not. Slightly more complex task.

An example of Anti-DDOS

Let’s suppose that the company DYN, this particular attack target, wants to stop this DDOS. To do this, you must have a safety net before traffic reaches your servers. If it were not so, all the DDOS attack traffic would come to your network, and although it detects it, and dismiss it with a 'drop' service requests could not be processed because the traffic to reach the router already is collapsed. I.e. the package non malicious would be as a regular purchaser of a property that cannot reach the door of the establishment because it is day of sales and is collapsed door by people who come for the deals.

For this purpose, the company must have a previous network, provided by the operator that provides you with Internet connections that eliminates - until they reach your router – those requests. I.e.: the supermarket that has the door collapsed on day of sale decides to put in the 4 corners of the streets from which sales buyers receive four control points. Thus, the massive traffic of new buyers would be divided by 4, leaving only 25% at each control point. The usual buyer would pass one of those control points with only 25% of the traffic of the attack then, at the entrance of the supermarket only you find and share input with other usual buyers.

If the time of crossing one of those four control points was still very slow, what should be regarded as supermarket is to hire more people to process in less time 25% of the traffic that passes by every one of those points of control or create new control points in a more distant layer, to achieve a greater breakdown of traffic.

So how shield systems which give ISPs from the network work, using technologies such as ARBOR to create what are called shields AntiDDOS provided from the network, which is what it seems that you could have done to get DYNAMIC to protect your DNS services, i.e., call your provider's network connections and request the hiring of these shields Anti-DDOS network.

How you can get so much power to make a strong DDOS attack?

DDOS attacks on DNS servers can be made in many way. We have seen in the past - already doing them - as she is had managed to make attacks of powerful traffic through DNS Amplification vulnerabilities, as happened when the attack to SpamHaus servers. In that case, an angry with RBL lists spammer was able to topple servers with DNS UDP requests spoofed that used as a source address of its objective so that the DNS servers themselves sixstory to SpamHaus.

But if we are going to more recent times, routers, printers and Windows computers, by means of known bugs, exploits public passwords by default or simple malware deployed with exploitation kits, we have seen as a group as Lizard Squad was able to lie on the past Play Station Network servers and XBOS and make own Kim Dot Com to pay Mega bonuses so that he could continue to play their games.

And without going so far, AKAMAI left without protection the website of Brian Krebs due to the virulence of the attack produced by a botnet of this type. A botnet made with devices in the world of the IoT that already is had warned long ago that it was worrying.

Who has been able to be back?

Speculations are always of all kinds. Could it be North Korea attacking US to return a proportionate response to the DDOS attack suffered as "punishment" for the attack on SONY? Could it be an attack to put the fear against e-voting? Could it have something to do with the elections in the United States so benefits the message of one or another candidate? Could it not be anything more than a new version of Lizard Squad angry by the blocking of an account on Twitter? Could it be an attack of ISIS by those same locks on Twitter?

It is now time for speculation, of course, and for the conspiracy. But if a State had this ready botnet - which I have no doubt that some countries have these possibilities - have to see if an operation thus reveals his cards. What we have seen in the past is that attacks between nations have always been drastic, using 0days that were undetected to avoid to stop being useful, because at the moment they are launched, researchers may discover how has been done, what they have been using and where was the exploited bug.

Until we do not have the details could be anything, but seeing how the attack on Brian Krebs was, my opinion would be more towards that direction. That is, to someone who already has this botnet created with device IoT, routers and switches - as did the NSA - and which is now enjoying with the use of the same in these DDOS attacks. I bet a t-shirt of LUCA or the SEAL that soon we will see more of these and may, even devices in your home or your company be part of this attack.



No te pierdas el tema anterior: Archivo HOSTS y PC's que no se ven entre ellos desde Red

Salta al siguiente tema: How to eradicate BitLocker from context menu in Windows 10

Quizás también te interese:
Si has encontrado información útil en Exaforo, ayúdanos a seguir creciendo. Muchas gracias por confiar en nosotros!


Volver a Seguridad y redes


cron