A look back at the DDoS attacks from the 4chan/anon gang
January 3, 2011
Things have somewhat returned to normal 3 weeks after the barrage of attacks that at times seemed as if they were not going to stop. In fact they may not, and they will probably get bigger and more sophisticated, with many more victims. We, too, have had our run-ins with this group and their legions of LOIC shooters.
A customer of ours asked, “How could these super large brand names have their websites taken down for so long, don’t they have DDoS protection in place?”
For more information on this, please visit http://www.dosarrest.com/en/blog/87-a-look-back-at-the-ddos-attacks-from-the-4chananon-gang.html
DSS Customer Panel update
November 27, 2010
One of the more recent features added to the DSS Panel is the URI (Uniform Resource Identifier) management section. This allows different types of content to be filtered, cached and logged differently, so website performance can be maximized without breaking existing web applications. For example, in the following configuration the main page and all images are being cached, but the rest of the website remains uncached and filtered normally.
For more information on this, please visit http://www.dosarrest.com/en/blog/88-dss-customer-panel-update.html
DSS enhancement, visual representation of A Botnet
September 13, 2010
Our next enhancement to our customer DSS (DOSarrest Security Services) is a heatmap, which displays in real time the location and number of unique visitors. Since many attacks use spoofed IPs, their actual location may be misleading, but at a glance you can see the size of the botnet.
For more information on this, please visit http://www.dosarrest.com/en/blog/89-dss-enhancement-visual-representation-of-a-botnet.html
A look at Steganography
September 9, 2010
DDoS agents, and malware in general, are in a constant arms race with anti-virus scanners, each trying to outwit the other. Massively networked botnets require not only the ability to store malicious executables but also to send and receive traffic covertly. Steganography can fulfill both these needs. While cryptographic methods (such as strong encryption or polymorphism) use math to rearrange malicious data so it’s more difficult to detect, steganography bypasses this completely by making the malicious data appear completely benign.
For more information on this, please visit http://www.dosarrest.com/en/blog/90-a-look-at-steganography.html
A Call to Network Providers to end IP Spoofing
August 18, 2010
In the world of DDoS attacks, “IP spoofing”, or just “spoofing” for short, is a technique used to hide the actual IP address of an attacking computer, as well as to overload session tables. Attackers can choose an alternate IP address, or generate random IP addresses that change very rapidly, allowing one attacker to simulate vast numbers of simultaneous attackers, all with different IP addresses. This makes tracking the source of the infected botnet computers more difficult, as the source IP address of the attacker has been falsified. The session table of a server or load balancer keeps a predetermined number of open sessions for each IP address for a specified length of time in seconds. The number of available sessions is determined by the amount of memory dedicated to this task. Spoofing IP addresses allows a single attacking computer to create more open sessions than normally permitted. In a DDoS attack, a very large number of spoofed addresses can be generated, overloading the session table and dropping all packets, or causing the server or load balancer to crash. IPv6 (IP version 6) has been designed to provide more security and will bring an end to spoofing; however, in the meantime, the “chicken or the egg” wait for the masses to adopt IPv6 means we need to address spoofing in the best way possible.
For more information on this, please visit http://www.dosarrest.com/en/blog/91-a-call-to-network-providers-to-end-ip-spoofing.html
The Motivation and Goals Behind DDoS
July 30, 2010
It is normally difficult to understand the motivation or goals behind specific DDoS attacks or why they occur. Because the machines performing the attack are being controlled by some hidden external source, it is difficult to pinpoint the origin of the attack. When it is already hard to find out who is conducting the attacks, it is even harder to understand why. Therefore, many explanations of why DDoS occurs are theories based on speculation or small amounts of evidence.
For more information on this, please visit http://www.dosarrest.com/en/blog/92-the-motivation-and-goals-behind-ddos.html
DSS, ISP option
July 22, 2010
As part of our DOSarrest ISP option, I have been developing new administrative features for a new ISP DSS panel. This new ISP DSS panel will provide ISP customers with the ability to manage their own customers and which sites they have access to. ISPs will be able to provide their own customers with the ability to log into the DSS panel, which allows them to view statistics, manage the site, etc.
For more information on this, please visit http://www.dosarrest.com/en/blog/93-dss-isp-option.html
Last week, I was contacted by Joel Abramson, who is one of the principals over at Packetsafe Networks; he was on a search for some DDoS protection for one of their managed hosting customers. As you can well imagine given a name like Packetsafe, they focus on security for their customers, which include companies in the medical field, ecommerce retailers and e-gaming. Their customers are spread out over a number of locations, and providing good DDoS protection for all of them would be cost prohibitive. They also realize that their network providers will not be able to handle the complex Denial of Service attacks that exist today.
For more information on this, please visit http://www.dosarrest.com/en/blog/94-packetsafe-networks-corp-adds-dosarrest-to-its-service-offerings-.html
The evolution of DDoS
July 10, 2010
Over the years, DDoS has evolved from individual packet-throwing scripts to sophisticated operations, with botnets continually reaching above the million-machine mark. As attack strength, methods and targets change, so too does the command and control structure that feeds them. What were once basic single-machine scripts can no longer support the level of fine-grained control needed to orchestrate modern attacks, and as more bot masters face prosecution, they are increasingly looking towards protecting their anonymity.
For more information on this, please visit http://www.dosarrest.com/en/blog/95-the-evolution-of-ddos.html
Not all network hardware measures up equally
June 28, 2010
In the world of DDoS attacks, not all network hardware measures up equally.
For more information on this, please visit http://www.dosarrest.com/en/blog/96-not-all-network-hardware-measures-up-equally.html