#1
Referencing http://www.project1999.org/forums/sh...d.php?t=128723
I read through that thread and found myself wanting to understand. Any suggestions on a book or books that an electrical engineer would find accessible enough to dig through? This is a vague question, but my knowledge is vague. Any suggestions are welcome, thanks. Also, what sort of jobs do people with this sort of knowledge work in? Always probing for new opportunities.
__________________
Blue : Bookmedder, Unkiller, Being, Useful, Stembolt, Computer
Green : Pending
#2
Just fill out the application form on the anonymous website, they can offer you hands-on training....you have to pay for your own mask of course!!
__________________
"I have been freed from the shackles of pixel lust."
Are YOU Cleansed from the chains of digital desire?
#3
i'm a mechanical engineer and i read through the ddos wiki. still does not make cents.
#5
|
||||
|
Quote:
This is just someone sending a ton of packets of some kind, be it pings, ICMP, etc., from a bunch of different IPs. Could be a compromised network somewhere (in which case this becomes a SMURF) or just a bunch of compromised PCs (a Botnet). Would be cool to take the whole P99 Project into a VPN, so Rogean could easily just ban users when they started to flood the network. But that would create issues for new players joining us as it would add a level of complication to an already complicated process.
#7
There are lots of different kinds of DDoS attacks. If you want specific information regarding the one hitting us, look up DNS Amplification, Chargen Amplification. They are saturation type attacks. You can learn more information about how these attacks work by looking up the difference between UDP and TCP. DNS and Chargen are both UDP protocols. UDP is stateless, whereas TCP requires a handshake. This means UDP packets can be sent with spoofed source addresses (typically the victim) in order to solicit response floods to that victim.

There are several layers to this. It typically starts with the attacker on his local PC. Now he may be behind something to mask his own IP, be it a VPN or what have you. He will send a signal from there to a botnet command and control server (or multiple servers). These servers will then in turn send out attack commands to thousands of computers that are compromised to start the attack. These thousands of botnet attacks will each contain a list of IP addresses of servers around the world that have a vulnerability, such as open DNS resolvers (for DNS Amplification) or exposed Chargen ports. The botnet computers flood multiple servers at a time with packets saying "Hi, I'm <Victim's IP Address>, Please send me your DNS Repository". This is of course in the form of a very small packet. The response to that request is typically 10 times larger than the original request, or bigger. But because of the spoofed packet, the response gets sent to the victim IP address, not the real computer that requested it. So we have a Botnet C&C sending out an attack command to thousands of computers who in turn send out requests to thousands of servers who in turn send all their responses to the victim server, all at once. It's ouch.
Last edited by Rogean; 11-21-2013 at 04:52 PM..
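
The post above describes floods of DNS and Chargen responses that the victim never requested. As an added example (not part of the original thread), this sketch shows how a defender could flag that pattern in flow records; the record layout, the addresses, and the 5-second matching window are constructed assumptions.

```python
from collections import defaultdict

SERVER = "203.0.113.10"  # constructed victim address (documentation range)
REFLECTION_PORTS = {53: "dns", 19: "chargen"}  # UDP services named in the post

# Constructed flow records, not real traffic:
# (time_s, direction, proto, src_ip, src_port, dst_ip, dst_port, size_bytes)
FLOWS = [
    (0.00, "out", "udp", SERVER, 40001, "198.51.100.53", 53, 64),    # our own query
    (0.02, "in", "udp", "198.51.100.53", 53, SERVER, 40001, 180),    # its answer
    (1.00, "in", "udp", "192.0.2.7", 53, SERVER, 31337, 3200),       # never asked
    (1.01, "in", "udp", "192.0.2.8", 53, SERVER, 31337, 3100),       # never asked
    (1.02, "in", "udp", "192.0.2.9", 19, SERVER, 4444, 1400),        # chargen reply
    (1.03, "in", "tcp", "192.0.2.50", 53, SERVER, 50000, 500),       # TCP: ignored
    (9.00, "in", "udp", "198.51.100.53", 53, SERVER, 40001, 3000),   # reply too late
]

def find_unsolicited(flows, window=5.0):
    """Return (reflector_ip, service, size) for inbound UDP replies from
    reflection-prone ports that match no outbound request within `window` s."""
    pending = {}  # (remote_ip, remote_port, local_port) -> time of our request
    hits = []
    for ts, direction, proto, sip, sport, dip, dport, size in sorted(
            flows, key=lambda f: f[0]):
        if proto != "udp":
            continue  # TCP needs a handshake, so its source cannot be spoofed this way
        if direction == "out":
            pending[(dip, dport, sport)] = ts
        elif sport in REFLECTION_PORTS:
            asked = pending.get((sip, sport, dport))
            if asked is None or ts - asked > window:
                hits.append((sip, REFLECTION_PORTS[sport], size))
    return hits

def summarize(hits):
    """Aggregate unsolicited replies per service: packets, bytes, distinct reflectors."""
    stats = defaultdict(lambda: {"packets": 0, "bytes": 0, "ips": set()})
    for ip, service, size in hits:
        entry = stats[service]
        entry["packets"] += 1
        entry["bytes"] += size
        entry["ips"].add(ip)
    return {svc: {"packets": e["packets"], "bytes": e["bytes"],
                  "reflectors": len(e["ips"])} for svc, e in stats.items()}

if __name__ == "__main__":
    print(summarize(find_unsolicited(FLOWS)))
```
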