Re: What actually is DoS attack ? [Q and A] - XOOPS Web Application System

1

What actually is DoS attack ?

2005/1/2 12:39
Anonymous
Posts: 0
Since:

Hello!

I instaled module Protector ... I patched mainfile.php and it works great. But in ONE HOUR I got 6 pages of log ... There were two attacks (CRAWLER and DoS).

But, what actually is DoS attack ? Is it same as DDoS ? How can it affect my page ?

Thanks.

2

Re: What actually is DoS attack ?

2005/1/2 12:43
smdcom
Posts: 901
Since: 2004/4/27

Short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly being dreamed up by hackers.

3

Re: What actually is DoS attack ?

2005/1/2 14:29
tedsmith
Home away from home
Posts: 1151
Since: 2004/6/2 1

Look up the Dorset lad Aaron Caffrey who was accused of launching a DDos (I know slightly different but) on the Houston HArbor in America. Brought it down for over a day and claimed a trojan did it and then deleted itself! Jury believed it. Led to what is now known as 'The Trojan Defence'. Causing big problems in court of law.

4

Re: What actually is DoS attack ?

2005/5/4 19:23
Retlaw
Just popping in
Posts: 13
Since: 2005/1/25

I just got nailed by one yesterday. Brought the server down. What are the best methods to protect a XOOPS site.

What are you guys using to prevent and stem off the attacks?

5

Re: What actually is DoS attack ?

2005/5/4 20:45
Herko
XOOPS is my life!
Posts: 4238
Since: 2002/2/4 1

not pissing off any crackers is one sound strategy

As I said in your othe rthread, use the protector module for protection.

Herko

6

Re: What actually is DoS attack ?

2005/5/4 22:17
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

I do not think (I have to be carefull with what I say, or GIJOE...) that the protector module actually helps against really large (read normal) DoS attacks.

Most DoS attacks just rely on the fact that servers will get overloaded with data and the server won't got any time left to respond on legal requests.

As far as I remember the protector module it uses the built in XOOPS IP ban system so that XOOPS no longer provides data to those IP's. However, still each requests of that attack is being parsed (Apache reads request; php loaded; XOOPS loaded; XOOPS loads MySQL database; XOOPS reads settings in database -> notice IP is blocked, blocks output, exit() command executed; Apache responds with empty page)

So, despite of the fact it might slow down a large attack a moment, it won't really help. Apache still responds to those requests and that should not happen. In my eye's, unless you are running a hosting company you don't have to worry about DoS-attacks. Your hosting provider should block them on server level.

Ofcourse this is just one feature of the protector module, I prefer not to discuss other functions

.

7

Re: What actually is DoS attack ?

2005/5/4 22:45
m0nty
XOOPS is my life!
Posts: 3337
Since: 2003/10/24

also to answer ur original question.. DOS attacks are usually single attacks ie. 1 hacker attacking another computer and preventing it communicating to other computers..

DDOS attacks are multiple.. ie when a hacker or possibly a group of hackers.. but usually DDOS attacks when a computer has been infected either maliciously by a hacker and that hacker then has control of that computer (we call them zombies) then that person can launch an attack not just from his 1 machine but also get all the other zombies he has control of to attack at the same time.

now of course not all attacks are aimed at you personally tho.. Worms can search the net and usually firewalls detect these worms as DOS attacks because of the methods they use to try and infiltrate your server.. some are benign and some are malicious.. if u notice lots of attacks from the same IP address tho you should check this out.. but it is pretty much to ignore those that are only occasional and not repetitive..

8

Re: What actually is DoS attack ?

2005/5/4 23:43
brash
Friend of XOOPS
Posts: 2206
Since: 2003/4/10

Quote:

Jan304 wrote:
I do not think (I have to be carefull with what I say, or GIJOE...) that the protector module actually helps against really large (read normal) DoS attacks.

Correct there Jan304, however from testing I have done recently it seems that the Protector module can be very effective against reducing the effects of small to medium attacks. From my results you are far better off having the protector module than not

.

9

Re: What actually is DoS attack ?

2005/5/6 12:57
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

True Brash.

More information about DoS attacks:
http://en.wikipedia.org/wiki/Denial-of-service_attack

Stats
Goal:	$100.00
Due Date:	Nov 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

What actually is DoS attack ?

Re: What actually is DoS attack ?

Re: What actually is DoS attack ?

Re: What actually is DoS attack ?

Re: What actually is DoS attack ?

Re: What actually is DoS attack ?

Re: What actually is DoS attack ?

Re: What actually is DoS attack ?

Re: What actually is DoS attack ?

Login

Search

Recent Posts

Re: Mymenus Module with XOOPS 2.5.11-Stable

Re: Migrate from Wordpress

Re: Error in https://xoops.org/modules/wggithub/

Re: Error in https://xoops.org/modules/wggithub/

Re: XOOPS 2.5.11 session handling too strict?

Error in https://xoops.org/modules/wggithub/

Re: XOOPS 2.5.11 session handling too strict?

Re: XOOPS 2.5.11 session handling too strict?

Re: XOOPS 2.5.11 session handling too strict?

Re: XOOPS 2.5.11 session handling too strict?

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}