Infopackets web server attacked (DDoS)
Dear Infopackets Reader s,
Over the weekend, our web server was attacked by hacker(s).
Although security was not compromised, the attack resulted in the web server being temporarily shut down until my hosting company could safely implement a data mitigation filter to deflect the attack.
In a nutshell, the attackers sent a flood of information to the web server and caused it to "choke" on incoming requests. Because the attack originated from multiple IP addresses (I.E.: from more than one computer), this type of attack is referred to as a DDoS attack (or, Distributed Denial of Service attack). In all, the flood sent 448,000 megabytes of packets to the main server in less than a 24 hour period. Pictures of the attack on our main server can be viewed here.
Side note: According to searchSecurity.com, "a distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users.
A hacker begins a DDoS attack by exploiting a vulnerability in one computer system and making it the DDoS "master." It is from the master system that the intruder identifies and communicates with other systems that can be compromised. The intruder loads cracking tools available on the Internet on multiple -- sometimes thousands of -- compromised systems. With a single command, the intruder instructs the controlled machines to launch one of many flood attacks against a specified target. The inundation of packets to the target causes a denial of service (see picture to the right).
DDoS: Mere coincidence or act of malevolence?
Although our web forms were not targeted, this DDoS attack on our web server came only a few days after writing a feature article on one aspect of server security. In your opinion, was this DDoS attack a mere coincidence or an act of malevolence?
Feel free to send me your comments.
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.