What are DoS and DDoS Attacks?

What is the difference between DoS and DDoS?  (Photo credit: Kevin Ku)

A “Denial of Service” (DoS) attack involves disrupting a computer or network and making it unavailable to users. This can be accomplished by exploiting a vulnerability in the system. One common DoS method is to flood the network with requests to overload it, which stops legitimate requests from coming through.

A “Distributed Denial of Service” (DDoS) attack is a DoS attack that comes from multiple coordinated sources. This is often achieved by using a botnet, which is a network of private computers that are maliciously controlled without their owners' consent. A botnet has strength in numbers and is able to overwhelm a target by abusing protocols such as DNS, ICMP, and Network Time Protocol.

Here are some ways to protect yourself against DoS and DDoS attacks:

  • Use a multi-level defense strategy. This could include Intrusion Prevention and Detection Systems, firewalls, VPNs, content filtering, secure backups, and more depending on the scope of your network.

  • Keep software and firmware updated on all of your network devices. Avoid using hardware that is no longer supported with security updates from the manufacturer.

  • Monitor your network traffic. Understand your baseline so you can recognize anomalies as they occur.

  • Consider implementing cloud-based technologies as a way to outsource DDoS prevention.
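
As an illustration of the "understand your baseline" advice above, here is an added example (not part of the original article) that learns a requests-per-minute baseline and flags later minutes that far exceed it, noting whether one source dominates (DoS-like) or the load is spread across many (DDoS-like). The sample events, function names, and thresholds are constructed assumptions.

```python
from collections import Counter, defaultdict
from statistics import mean, stdev

def build_sample():
    """Constructed (minute, source_ip) request events; IPs are documentation ranges."""
    events = []
    for minute in range(10):                      # minutes 0-9: normal traffic
        for i in range(20 + minute % 3):
            events.append((minute, f"192.0.2.{i % 5 + 1}"))
    events += [(10, "198.51.100.7")] * 400        # minute 10: one noisy source
    events += [(10, "192.0.2.1")] * 20
    events += [(11, f"203.0.113.{i % 200 + 1}") for i in range(400)]  # minute 11: many sources
    return events

def find_floods(events, baseline_minutes=10, z_threshold=3.0, top_share=0.5):
    """Learn requests/minute from the first baseline_minutes, then flag later
    minutes whose volume is far above it and say whether one source dominates."""
    per_minute = defaultdict(Counter)
    for minute, src in events:
        per_minute[minute][src] += 1
    totals = {m: sum(c.values()) for m, c in per_minute.items()}
    base = [totals.get(m, 0) for m in range(baseline_minutes)]
    mu = mean(base)
    sigma = max(stdev(base), 1.0)                 # floor avoids over-reacting to a very flat baseline
    findings = {}
    for m in sorted(totals):
        if m < baseline_minutes or (totals[m] - mu) / sigma < z_threshold:
            continue
        _, top_count = per_minute[m].most_common(1)[0]
        kind = "single-source" if top_count / totals[m] >= top_share else "distributed"
        findings[m] = (kind, totals[m], len(per_minute[m]))
    return findings

if __name__ == "__main__":
    for minute, (kind, total, sources) in find_floods(build_sample()).items():
        print(f"minute {minute}: {total} requests from {sources} sources -> {kind}")
```

A per-source rate limit helps with the single-source case, while the distributed case is where upstream or cloud-based filtering matters, since no individual source stands out.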

Denial of Service attacks normally target businesses and larger companies, but individuals should also practice good security habits online. This includes using a firewall, keeping your software and OS updated, and not clicking suspicious links or opening strange emails. This will help prevent your system from unknowingly becoming part of a botnet, and will keep you safer online. Stay informed, and stay vigilant!

Circuit-Switched vs. Packet-Switched Networking

Packet switching breaks down data into smaller blocks and sends one packet at a time, while circuit switching maintains a connection until all data is sent.  (Photo credit: Markus Spiske)

What is the difference between circuit-switched and packet-switched networks? To begin to answer this question, each term needs to be defined.

Circuit switching is defined as a connection between two devices on a network that uses a temporary, dedicated communications channel to connect. The first example of this was with some of the first analog telephone networks. In that case, a continuous circuit was maintained for the duration of the phone call, and the circuit was terminated when the call ended.

Some examples of technologies that use/used circuit switching:

  • POTS - plain old telephone service

  • ISDN - Integrated Services Digital Network

    • BRI - Basic Rate Interface

    • PRI - Primary Rate Interface

Conversely, packet switching is defined as transferring data using smaller packets of data, so the connection between two devices is only used for that packet, and then is freed up for other devices to send packets along the connection. This method is used today in modern networks to limit latency and increase bandwidth efficiency.

Examples of technologies that use packet switching:

  • Frame Relay Networks

  • X.25 Networks

  • ATM - Asynchronous Transfer Mode

  • MPLS - Multiprotocol Label Switching

What is a Rootkit?

Rootkits are nearly invisible and therefore very difficult to remove. (Photo credit: Michael Dziedzic)

The term “rootkit” is derived from the Linux/Unix name for the highest level user, “root.” The root user has administrator access to a system and is therefore able to modify anything within it.

A rootkit is a tool that allows a hacker to covertly gain access to a system. Rootkits are difficult to detect because they modify the kernel of the operating system. The kernel is the very center of the OS and facilitates interactions between the software and hardware. By modifying the kernel and gaining administrative access, a rootkit allows a hacker to install other malware on your system and prevent you from removing it. This could potentially lead to loss of your data, money, and access to your computer.

Rootkits can typically only be removed with very particular rootkit removal software. It is also important to be very careful when choosing rootkit removal software, as sometimes the “bad guys” put fake rootkit removal software out there which actually just adds more malware to your computer.

To prevent rootkits and other malware from getting onto your computer, it is important to take some basic precautions, such as:

  • Keep your operating system, web browser, and other applications up to date.

  • Use virus protection software and routinely scan for malware.

  • Use a firewall and avoid visiting suspicious websites.

  • Avoid opening emails and attachments from unknown senders.

These are just a few steps anyone can take to help prevent malware from slowing down your system or leaking out critical personal data to attackers. Remember that it only takes one mistake for a hacker to gain access to your hardware/data. Stay informed, and stay vigilant!

What is Malware?

Take active steps to prevent malware from infiltrating your system! (Photo credit: Michael Geiger)

Malware can be described as any software that is doing something bad to your computer. Malware could do something annoying such as causing pop-up ads, something dangerous like collecting keystrokes as you type, or something discreet like forcing your computer to become part of a “botnet” without you even knowing!

One type of malware is called “crypto-malware,” which encrypts the data on your device, rendering it inaccessible to you. Another example of malware is called “ransomware,” which causes your data to be locked up until you pay a ransom to the hackers that installed the malware. Other types of malware include “Trojan horses,” “Worms,” and many types of viruses.

To help protect your systems against malware, there are several important things you can do:

  • Keep your operating system, web browser, and other applications up to date.

  • Use virus protection software and routinely scan for malware.

  • Use a firewall and avoid visiting suspicious websites.

  • Avoid opening emails and attachments from unknown senders.

These are just a few steps anyone can take to help prevent malware from slowing down your system or leaking out critical personal data to attackers. Remember that it only takes one mistake for a hacker to gain access to your hardware/data. Stay informed, and stay vigilant!