DOS attack

Discussion in 'Windows Desktop Systems' started by shinz, May 27, 2004.

  1. shinz

    shinz OSNN Junior Addict

    Messages:
    12
    Hello everyone,
    Lately i've been getting DOS attack. What are the steps that i can take to protect myself from such attacks?

    And may i know what the programs the attackers are using to DOS attack?
    My friend told me that even ppl behind 56k can take down a cybercafe server. Is that true?

    I am using sygate firewall, but this does not protect me from the attacks. However, i can backtrace the person's ip. What can i do to stop the attacks? And what authorities can i report this to, I am from Malaysia.

    Thx
     
  2. Lee

    Lee OSNN Proxy

    R U in a cyber cafe?
     
  3. shinz

    shinz OSNN Junior Addict

    Messages:
    12
    I log in from cybercafe's and also from home.
    Both places, i still get Dos attacks, the attacks i get in cybercafe brings down the whole server down. Lol .. imagine a cafe with 100 ppl connecting to online game, Everyone gets disconnected for awhile.

    However I am not the hackers target, my friend who works in cafe has been targeted lately. And at the same time, i am interested in learning more bout DOS attacks. How to prevent. If i cannot prevent the DOS attacks. I think i will have to learn how to attack back.
     
  4. Geffy

    Geffy Moderator Folding Team

    Messages:
    7,805
    Location:
    United Kingdom
    learn how to defend against them, but dont reduce yourself to the level of your attackers
     
  5. shinz

    shinz OSNN Junior Addict

    Messages:
    12
    Yes, this is why i am trying to learn more about DOS attacks.
    So what the steps that i do, to defend myself against them?
     
  6. Lee

    Lee OSNN Proxy

  7. LeeJend

    LeeJend Moderator

    Messages:
    5,291
    Location:
    Fort Worth, TX
    In short:

    Denial of service attacks require a lot of bandwidth and are usually done using BOTs (programs hidden on innocent peoples unprotected machines by crackers for use in attacks). The BOTs can be activated from anywhere with any conenction, even dial up.

    The DOS attack usually targets one, known open port. The DOS attack can be blocked by the ISP by closing that port to the cyber cafe connection. The cracker can then look for another unprotected port to attack and the game starts all over.

    Since the attacks are usually remote controlled using innocent peoples machines it is pretty much impossible to stop them. Some ISPs are shutting down the connections of people who have infected machines until they clean them up and install firewalls. Most ISPs do not give a damn if you are being attacked so don't expect any help. The police/government/etc also do not give a **** about DOS attacks unless you attack an air traffic control system or a government agency. So don't expect any official help either.

    Wish I could be more helpful but there is not much you can do except:
    Change your ISP, switch to another cyber cafe, change your User ID and passwords and from now on always hide behind a hardware firewall and a software firewall and stay the hell away from high risk areas like IRC. It only takes one occurence of pissing off a cracker to screw yourself.

    Good luck.
     
  8. Bootsy

    Bootsy Huh?

    Messages:
    1,124
    Location:
    Miami, Fl
    Lee, thats a very cool read hehe he got in there hard core
     
  9. Lee

    Lee OSNN Proxy

    I think most of the yahoo chat and games users were sending him packets of nasty things.

    Don't you love the Yahoo experience.
     
  10. Xie

    Xie - geek - Subscribed User Folding Team

    Messages:
    5,275
    Location:
    NY, USA
    Software and hardware (router) firewall aren't going to save you on a home connection as most packet kiddies will have bots on everything from T3's to OC connections :( If your on cable you can try and reset your ip ... if your on IRC and thats how they are targeting you a shell may be a good idea. :)

    -edit- Also they dont' need an open port at all. A DDoS attack is just a flood of junk data to your ip and will clog either your router/firewall while they try and filter it all.
     
  11. Howling Wolf

    Howling Wolf We did not deserve this !

    Messages:
    1,243
    Location:
    Amongst the Native Ones
    Are you using the free version of Sygate's FW (non pro) ? If that is the case, buy the pro version I'm using myself, it blocked for me the few DoS attacks I encountered (Options > Security > Enable DoS detection).
     
  12. Xie

    Xie - geek - Subscribed User Folding Team

    Messages:
    5,275
    Location:
    NY, USA
    It all depends on if the kiddie(s) is using home connection (aka a few cable/dsl users) or has a list of exploited company server/cisco routers they are using to pax0r your connection with. The later no software firewall is going to save you as they will be pushing to much "down your pipe" for your connection to handle.
     
  13. Geffy

    Geffy Moderator Folding Team

    Messages:
    7,805
    Location:
    United Kingdom
  14. Xie

    Xie - geek - Subscribed User Folding Team

    Messages:
    5,275
    Location:
    NY, USA
  15. Geffy

    Geffy Moderator Folding Team

    Messages:
    7,805
    Location:
    United Kingdom