Dismiss Notice
You are browsing this site as a guest. It takes 2 minutes to CREATE AN ACCOUNT and less than 1 minute to LOGIN

Keep your PC out of ‘denial of service’ attacks

Discussion in 'Tech, Gadgets & Science Forum' started by MziziMkavu, Aug 16, 2009.

  1. MziziMkavu

    MziziMkavu JF-Expert Member

    Aug 16, 2009
    Joined: Feb 3, 2009
    Messages: 38,323
    Likes Received: 2,402
    Trophy Points: 280
    Security important for minimizing chances of computer becoming a 'zombie'

    As a home user, you can't stop such denial-of-service attacks like those that hit Twitter and Facebook Thursday from happening, but you can do your best to make sure that your computer is not being used to instigate them.

    "Once an attack like this starts going, there isn’t a heck of a lot an individual can do," said Rob Housman of the Cyber Secure Institute think tank. "But I think people can become better consumers in advance. This ought to factor into, first, how you configure and run your own computer, and second, what ISP you select." Why your Internet service provider? Because they provide the gateway to your computer, first and foremost. "You need to work with your ISP to fight such an attack and it usually requires signing up for anti-denial-of-service features which are usually only available to corporate customers," said Johannes Ullrich, chief research officer for the SANS Institute, a national organization that does information security training, research and certification.

    Among the questions consumers should ask of their ISPs, Housman says: "What are their filtering methods? How advanced is their filtering to know what’s coming and going on their servers? How much bandwidth do they have to deal with it? Do they have a security team and a rapid-response team? Do they have automated detection, so they can tell when something’s happening, when there’s a change being made to their system that shouldn’t be made?"

    Those are a lot of questions. But denial-of-service attacks cause a lot of problems, not the least of which is the frustration of not being able to log into a site when you want to.

    "If you find that a popular site is responding slowly, or not responding at all, it is best to just not use the site for a bit to allow them to recover," said Ullrich. "The worst thing to do (during a denial-of-service attack) is to keep pressing 'reload' in your (Web) browser, as this may make the attack worse."

    Secure your computer
    Home users also need to make sure their computers aren't unwittingly being used to launch denial-of-service attacks, which often plagued sites like Amazon, eBay, ETrade and Buy.com in 2000, when online shopping was just kicking into high gear.

    The way those attacks were done hasn't changed much since then, with "cybercriminal using a network of compromised computers to send a ton of traffic to the target Web site," said Joris Evers, security specialist for McAfee. Evers himself was trying to get onto Twitter Thursday morning when the site was down.

    "The attacker has under his or her control tons of computers — tens of thousands, sometimes even hundreds of thousands of computers — and they instruct those computers all at the same time to start going to a site. And the servers that run the site then buckle under that traffic and go down."

    "It is possible that regular home users, without knowing it, may have had their computers be part of this attack against Twitter, if their machines had been infected or compromised by an attacker and made part of the network of machines to attack Twitter," Evers said.

    Such a network is known as a "botnet," a network of compromised computers. Each compromised computer is called a "zombie."

    "So we have a network of zombies in a botnet that are all at the same time told by the attacker to go to, or send traffic to, a specific Web site," Evers said.

    "If the owner of that Web site doesn’t have sophisticated means of filtering the traffic that’s coming in, to block the bad traffic and let through the good traffic, and if the infrastructure on the back end isn’t strong enough to stand up to all the requests coming in, it will go down."

    No advance warning
    You're not going to know if or when your computer is being used for such an attack, Evers said.

    The best steps to take in advance are, if you have a PC with Microsoft Windows, run automated security and software updates from Microsoft (Msnbc.com is a joint venture of Microsoft and NBC Universal), and use and update anti-malware software that includes both anti-virus and anti-spyware protection — whether it's McAfee's or another company's, he said.

    Also, use a firewall, "so that if people are trying to attack your computer from the Internet, there is this block that will stop them from breaking into your PC," Evers said.

    Be Internet-savvy, he said, and as tried-and-true-and-tired as you are of hearing this one, it's important: "Don't open e-mail attachments from people you don't know, and don't click on links that go to the darker side of the Web, where you might encounter malicious software, or someone trying to break into your PC."

    'Demand more'
    Housman, who served in the Clinton administration as assistant director for strategic planning in the White House Drug Czar’s Office, said the Internet can be viewed as "a kind of a commons, and unless we all act to protect the commons, we all become vulnerable."

    If some don't act, "Well, those are the computers that get taken over, those are the computers that become botnets, those are the ones that get used for denial-of-service attacks, and then we all suffer for it," Housman said.

    "That's why it's important to become a smart consumer, and take yourself out of the (vulnerability) equation as much as you can."

    Consumers need to "demand more" when it comes to Internet security, he said. "Demand more of the Obama administration, demand more of the technology providers, demand more of the technology companies. There are ways that we can secure these things, we just need to be willing to do it." http://www.msnbc.msn.com/id/32317713/ns/technology_and_science-security/