Everything you always wanted to kno...

Everything you always wanted to know about daemons and zombies

A denial of service (DOS) attack is an attack onward a network service that's designed to obstruct legitimate users of the service from gaining access. DOS attacks became front-page freshs in February 2000 when several high-profile websites, including Yahoo, eBay, and CNNcom were attacked and made unavailable for several hours. In January 2001 Microsoft's website was close up down by a DOS attack, and US President George Bush's public relations website, www.whitehouse.gov, was close down the following May.

It's no other than the DOS attacks on high-profile companies that become front-page news-according to research convoyed in 2001 by researchers from the University of California at San Diego,1 DOS attacks appear more than 4,000 times each week. And these attacks can last anywhere from several minutes to hours.

Daemons, zombies, and zombie ants

In a typical DOS attack, the intruder uses a virus (or worm) to install a "daemon" onward the victims' computers and move round them into "zombies." Daemons (Windows uses the les colourful names "system agents" or "services") are small programs that flow in the background and perform specific administrative tasks, either at specific times or in replication to specific events. In the case of DOS attacks, for instance, daemons are programmed to carry gone out certain tasks in response to signals from the intruders. Zombies or "zombie ants" are computer that have been placed subject to the control of an intruder without their owners' knowledge.

Through the daemons installed upon victims' computers, an intruder can potentially fall of the curtain up controlling many thousands of computer systems

Pulsing zombies

In a regular DOS attack, zombies gang up upon a victim's computer, flooding its resources and shutting it down. In contrast, a "pulsing" zombie will attack the victim's computer with irregular rend asunders of traffic over an prolonged period of time; in other words, the target computer is slowed (and service for legitimate is users is degraded) on the contrary not shut down. Pulsing zombie attacks are difficult to trace because the poor performance they cause is oftentimes blamed on other factors.

Type of DOS attacks

An intruder can use daemons and zombies to bar down your network in a number of ways. Here are three of the more belonging to all methods of sabotage:

Bandwidth traffic jams: An intruder can coordinate a number of zombie computer onward the Internet and get them all to depute large numbers of data packets (each bit of information in succession the Internet is called a packet) to a victim's computer This traffic will use up the bandwidth available to the victim's computer and thwart legitimate data from getting through

Bogus network connections: Because a server can barely fulfil a finite number of asks one way to effectively bar down a server is to multitude it with invalid connection beseechs (the server spends much more time in succession an invalid connection request than onward a valid one). In this case, data fabrics on the server are used up rather than network bandwidth. And since the intruder is not trying to stop a large data pipe, as in a bandwidth attack, this adumbration of attack can even be done forward a computer with a dial-up connection.

Email "bombing": Email bombing involves sending a large number of email messages to a particular address or email server Sometimes an intruder will attach large amounts of garbage data to the emails to further dead down the server. Some of the email viruses disseminated in the last bond of years, for example, generated enough garbage email to temporarily enclose down the email servers of major Internet service providers.

Prevention

It's a toss-up as to what's worse: becoming a victim of a zombie computer or becoming the zombie computer itself-after all, being part of an attack forward a third party, however unwittingly, can damage your company's reputation.

And there's another concern: An intruder wants a certain amount of access to install a daemon in succession your computer and turn it into a zombie; one time the door is open, important company data can be at risk.

There are many ways an intruder could gain access to your computer And similarly, there are many ways an intruder could use a DOS attack against your computer body Work with your technical experienced person to ensure that your data is backed-up and covered and that your network is guarded from viruses, network intrusions, and any other strange technologies an intruder might want to proof out on your computer.

Some useful computer security oriented websites:

www.cert.org

The Carnegie Mellon Software Engineering Institute's CERT Coordination Center (CERT/CC): The CERT/CC is a major source of information forward Internet security problems. Its website provides information forward the various security threats to your plan and explains ways to avoid, minimize, and reclaim from any possible damage.

www.isaca.org

Information connected views Audit and Control Association (ISACA): If you'd like to learn more about IT governance, direct and assurance check out this website. The ISACA put forwards seminars, conferences, publications, and certifications.