Music1 min ago
Attack on the sites
3 Answers
How does someone bring down a site? Just bombard it with emails?
Answers
Best Answer
No best answer has yet been selected by lynbrown. Once a best answer has been selected, it will be shown here.
For more on marking an answer as the "Best Answer", please visit our FAQ.Close.
Not emails but it's basically done by overloading the webserver or the internet connection it linked to, the simplest one would be an ICMP flood attack where the attackers get a bot net (thousands of computers that have been infected by malware) to ping the same webserver continuously meaning there is not enough capacity on the server to answer the ping requests and deal with legitimate requests.
Not emails but it's basically done by overloading the webserver or the internet connection it linked to, the simplest one would be an ICMP flood attack where the attackers get a bot net (thousands of computers that have been infected by malware) to ping the same webserver continuously meaning there is not enough capacity on the server to answer the ping requests and deal with legitimate requests.
ICMP floods (pings) are pretty easy to guard against you can simply filter them out.
More sophiticated is the syn flood attack.
In this the attacking computers knock on the door. The server replies and waits for a response that never comes. That waiting uses up a small amount of resources.
Crucially in this attack the attackers are difficult to distinguish from genuine users trying to connect so you cannot simply filter them out, you have to quickly decide who is real and who is not.
It can be done but it can cost the victim quite a lot of money in hardware and consultancy etc.
So even if you suceed in staying up the attack costs you money!
More sophiticated is the syn flood attack.
In this the attacking computers knock on the door. The server replies and waits for a response that never comes. That waiting uses up a small amount of resources.
Crucially in this attack the attackers are difficult to distinguish from genuine users trying to connect so you cannot simply filter them out, you have to quickly decide who is real and who is not.
It can be done but it can cost the victim quite a lot of money in hardware and consultancy etc.
So even if you suceed in staying up the attack costs you money!
-- answer removed --