Friday, 10 December 2010

What is a distributed denial of service attack?

The current technical assault on the websites of Amazon, Visa and MasterCard is known as a distributed denial of service attack. This technique uses a network of tens of thousands of compromised computers, known as a "botnet", to flood a website's servers with page view requests, leaving legitimate traffic unable to get through. This huge number of connection requests can quickly overwhelm a server and, in some cases, cause an entire website to crash.

In order to add computers to a botnet, hackers must first gain control of the machine. They achieve this by exploiting vulnerabilities within the computer's operating system to install malicious software on the computer that provides them with always-on, remote access to the PC.

Building a botnet is the time-consuming part, so much so that enterprising cyber criminals will even "lease" botnets to one another for spur-of-the-moment attacks.


Once a machine has been compromised, it can be called into action by the hacker at a moment's notice. Security experts at McAfee estimate that between March and July of this year, 14 million computers worldwide were enslaved by botnets. All the hacker needs to do is run a small program that communicates with all the computers they control, and it can then command those computers to start dialling out across the internet to a specific server or website. The aim is to flood servers with tens of thousands of page view requests in a short period of time, paralysing the network.
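From the defending server's side, the flood described above shows up as a jump in total request rate spread across many sources, each of which may stay under a per-client limit. The following is an added example, not part of the original article: the log events are constructed, and the window size and thresholds are assumptions to be tuned against real traffic.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed (unix_second, client_ip) pairs standing in for access-log lines."""
    events = []
    # Normal traffic: 5 clients, one request per second in total, for 60 s.
    for t in range(60):
        events.append((t, f"198.51.100.{t % 5 + 1}"))
    # Flood: 400 distinct sources, 3 requests per second each, for 10 s.
    for t in range(60, 70):
        for i in range(400):
            events.extend([(t, f"10.{i // 250}.{i % 250}.7")] * 3)
    return events

def detect_floods(events, window=10, baseline_rps=1.0, rate_factor=20,
                  min_sources=100, per_ip_limit=50):
    """Return one alert per window whose aggregate rate and source count
    both exceed the (assumed) thresholds."""
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts // window][ip] += 1
    alerts = []
    for w in sorted(buckets):
        per_ip = buckets[w]
        rps = sum(per_ip.values()) / window
        if rps > rate_factor * baseline_rps and len(per_ip) >= min_sources:
            alerts.append({
                "window_start": w * window,
                "rps": rps,
                "sources": len(per_ip),
                # Sources a per-IP limit alone would have caught in this window.
                "over_per_ip_limit": sum(c > per_ip_limit for c in per_ip.values()),
            })
    return alerts

if __name__ == "__main__":
    for alert in detect_floods(build_sample()):
        print(alert)
```

In the constructed flood window no single source exceeds the per-IP limit, which is why the aggregate rate and the count of distinct sources are the signals to watch.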

Distributed denial of service attacks are illegal in many countries, including the UK. Under the terms of the Police and Justice Act 2006, it is illegal to impair the operation of any computer, to prevent or hinder access to any program or data held in any computer, or impair the operation of any program or data held in a computer, with “requisite intent” and “requisite knowledge”.

The penalty for unauthorised access to computer material is a maximum of two years’ imprisonment, while paying someone else to launch a distributed denial of service attack is punishable by up to 10 years in jail. Supplying the software or tools that can be used to launch a denial of service attack, or offering access to an existing botnet, carries a penalty of up to two years in prison.

In order to prevent your computer falling foul of hackers and being enslaved by a botnet, it's crucial that you download and install the latest software patches issued by your computer maker, use security software such as an anti-virus program on your machine, and use a firewall to manage which programs have access to and from the web to your computer.

Computers that can be a particularly soft target for hackers include machines in internet cafes, where patrons are likely to click on attachments and links from unsolicited sources, thus unwittingly installing a virus on the system, and unloved and forgotten office machines, which are perhaps not patched or maintained as well as other computers in the organisation.

(taken from the Telegraph)


Wednesday, 27 January 2010

Introduction to Signaling

This is the first entry of this blog, part of a plan to understand the world of signaling in telecommunications.

So, shall we start..
In the telco world, signaling means the exchange of information and commands for the control and monitoring functions of a telephony connection. Why telephony? Because today signaling is not only used for telephone call set-up; there are already many other applications, such as SMS.

Now that we know what signaling means, the next questions are: what does the information look like, and what form do the commands take? Be patient on that one.. we will discuss it in more detail in the next post.

Back to the introduction to signaling: the main purpose of signaling is that every network must be able to communicate and speak "the same language" with other networks so that control information can be exchanged. What exactly is exchanged? Here are some examples:
  1. Traffic control procedures, for example call set-up, supervision, and release.
  2. Database communication, for example roaming in cellular networks and database queries to find out which services are available.
  3. Network management procedures, for example blocking trunks.
In this discussion we will focus on "external signaling". Why? Because internal signaling is proprietary to each telecommunications vendor. Inside it there are certainly many differences in methods and standards, which will not necessarily be the same between vendors.

Traditionally, "external signaling" is divided into two:
  1. Access Signaling (signaling from the switch/exchange/MSC towards the subscriber, for example subscriber loop signaling, DSS1)
  2. Trunk Signaling (signaling between switches). There are two methods that are "commonly" used, namely:
    • CAS (Channel Associated Signaling): put simply, the signaling is carried on, and combined with, its speech channel.
    • CCS (Common Channel Signaling): here there are separate dedicated channels specifically for signaling. As a comparison, perhaps one E1 used for signaling can serve hundreds or even thousands of voice channels. This is the advantage of CCS that has led the vast majority of networks in the world to use SS7, helped further by the ease of administration because the voice and signaling channels are separated.
OK, that is enough for this opening discussion; we will continue with an introduction to Signaling System No. 7, or SS7, in the next session.