Results 1 to 10 of 10

Thread: Worldpay Disrupted by DDoS Attacks

  1. #1
    Join Date
    Sep 2003
    Posts
    3,040

    Default Worldpay Disrupted by DDoS Attacks

    Online payment processors continue to come under attack, with the Bank of Scotland's Worldpay service becoming the latest provider to have its operations disrupted by a distributed denial of service (DDoS) attack.
    Worldpay says it has been "adversely affected" by a DDoS that commenced over the weekend, with the service showing some signs of improved performance Tuesday. A dynamically updating performance chart for Worldpay is available here.



    The company says some transactions were being processed, but numerous Worldpay merchants reported significantly lower sales since the inset of the attack. The service says it has 30,000 clients in 70 countries around thew world, including Vodafone and Sony Music Entertainment.

    The attack on Worldpay follows similar attacks on Authorize.net and several smaller payment processing services. In each of those cases, the attack was preceded by a demand for payment.

    The attacks are an additional challenge for an industry experiencing turbulence and consolidation, as several payment processing companies are closing or being sold. The cost of these attacks is felt not only in lost sales, but also in costs to implement sturdier digital defenses against DDoS blackmail schemes, which have also been a significant problem for online betting services.

    DDoS attacks are a particularly potent weapon against sites with limited resources to defend their sites or pay overusage fees from attack-related bandwidth consumption. But with more attackers using large botnets of compromised computers to mount attacks, recent DDoSes demonstrate that even large corporate providers can find their web infrastructures hobbled by extortionists.
    Become PHP Expert in 30 days
    FreeMarriage.com - Free Online Matrimonial
    FlashWebHost.com - Professional Web Hosting, Designing.

  2. #2
    Join Date
    Aug 2004
    Posts
    135

    Default

    never had a chance to ask
    but what does dos do and why does it caused server is be knocked down
    i know it's stand for denial of service, not disk operating system :-)

  3. #3
    Join Date
    Sep 2003
    Posts
    3,040

    Default

    DoS

    Attacking host send request to the server with spoofed ip address. So the server reply to that fake IP, and wait for response form that fake IP, that server will never get. Every server have a que size (number of active request a server can handle at a time). For most of the servers, it will be 200 requests at a time. If it exceeds, server don't process the request.

    DDoS

    DoS from multiple location.
    Become PHP Expert in 30 days
    FreeMarriage.com - Free Online Matrimonial
    FlashWebHost.com - Professional Web Hosting, Designing.

  4. #4
    Join Date
    Sep 2004
    Location
    Maryland, USA
    Posts
    332

    Default

    Quote Originally Posted by admin
    DoS

    Attacking host send request to the server with spoofed ip address. So the server reply to that fake IP, and wait for response form that fake IP, that server will never get. Every server have a que size (number of active request a server can handle at a time). For most of the servers, it will be 200 requests at a time. If it exceeds, server don't process the request.

    DDoS

    DoS from multiple location.
    yeah, nasty little thing to do to a server... there are also different types od DoS's, and if your interested in knowing, I'll post them.

  5. #5
    Join Date
    Sep 2003
    Posts
    3,040

    Default

    madboyv1, go ahead and post it.

    It will be helpfull for everyone to know more about what is DDoS and how it is done.
    Become PHP Expert in 30 days
    FreeMarriage.com - Free Online Matrimonial
    FlashWebHost.com - Professional Web Hosting, Designing.

  6. #6
    Join Date
    Sep 2004
    Location
    Maryland, USA
    Posts
    332

    Default

    1. Discription

    A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include
    • attempts to "flood" a network, thereby preventing legitimate network traffic
    • attempts to disrupt connections between two machines, thereby preventing access to a service
    • attempts to prevent a particular individual from accessing a service
    • attempts to disrupt service to a specific system or person


    Not all service outages, even those that result from malicious activity, are necessarily denial-of-service attacks. Other types of attack may include a denial of service as a component, but the denial of service may be part of a larger attack.

    Illegitimate use of resources may also result in denial of service. For example, an intruder may use your anonymous ftp area as a place to store illegal copies of commercial software, consuming disk space and generating network traffic

    2. Impact

    Denial-of-service attacks can essentially disable your computer or your network. Depending on the nature of your enterprise, this can effectively disable your organization.

    Some denial-of-service attacks can be executed with limited resources against a large, sophisticated site. This type of attack is sometimes called an "asymmetric attack." For example, an attacker with an old PC and a slow modem may be able to disable much faster and more sophisticated machines or networks.

    3. MODES OF ATTACK

    Denial-of-service attacks come in a variety of forms and aim at a variety of services. There are three basic types of attack:


    1. consumption of scarce, limited, or non-renewable resources
    2. destruction or alteration of configuration information
    3. physical destruction or alteration of network components


    A. Consumption of Scarce Resources

    Computers and networks need certain things to operate: network bandwidth, memory and disk space, CPU time, data structures, access to other computers and networks, and certain environmental resources such as power, cool air, or even water.

    Network Connectivity

    Denial-of-service attacks are most frequently executed against network connectivity. The goal is to prevent hosts or networks from communicating on the network, which is soften called a SYN flood. In a SYN flood, the attacker begins the process of establishing a connection to the victim machine, but does it in such a way as to prevent the ultimate completion of the connection. In the meantime, the victim machine has reserved one of a limited number of data structures required to complete the impending connection. The result is that legitimate connections are denied while the victim machine is waiting to complete bogus "half-open" connections.

    You should note that this type of attack does not depend on the attacker being able to consume your network bandwidth. In this case, the intruder is consuming kernel data structures involved in establishing a network connection. The implication is that an intruder can execute this attack from a dial-up connection against a machine on a very fast network. (This is a good example of an asymmetric attack.)

    Using Your Own Resources Against You

    An intruder can also use your own resources against you in unexpected ways. One example is an intruder uses forged UDP packets to connect the echo service on one machine to the chargen service on another machine. The result is that the two services consume all available network bandwidth between them. Thus, the network connectivity for all machines on the same networks as either of the targeted machines may be affected.

    Bandwidth Consumption

    An intruder may also be able to consume all the available bandwidth on your network by generating a large number of packets directed to your network. Typically, these packets are ICMP ECHO packets, but in principle they may be anything. Further, the intruder need not be operating from a single machine; he may be able to coordinate or co-opt several machines on different networks to achieve the same effect.

    Consumption of Other Resources


    In addition to network bandwidth, intruders may be able to consume other resources that your systems need in order to operate. For example, in many systems, a limited number of data structures are available to hold process information (process identifiers, process table entries, process slots, etc.). An intruder may be able to consume these data structures by writing a simple program or script that does nothing but repeatedly create copies of itself. Many modern operating systems have quota facilities to protect against this problem, but not all do. Further, even if the process table is not filled, the CPU may be consumed by a large number of processes and the associated time spent switching between processes.

    An intruder may also attempt to consume disk space in other ways, including
    • generating excessive numbers of mail messages
    • intentionally generating errors that must be logged
    • placing files in anonymous ftp areas or network shares

    In general, anything that allows data to be written to disk can be used to execute a denial-of-service attack if there are no bounds on the amount of data that can be written.

    Also, many sites have schemes in place to "lockout" an account after a certain number of failed login attempts. A typical set up locks out an account after 3 or 5 failed login attempts. An intruder may be able to use this scheme to prevent legitimate users from logging in. In some cases, even the privileged accounts, such as root or administrator, may be subject to this type of attack. Be sure you have a method to gain access to the systems under emergency circumstances. Consult your operating system vendor or your operating systems manual for details on lockout facilities and emergency entry procedures.

    An intruder may be able to cause your systems to crash or become unstable by sending unexpected data over the network. If your systems are experiencing frequent crashes with no apparent cause, it could be the result of this type of attack.

    There are other things that may be vulnerable to denial of service that you may wish to monitor. These include
    • printers
    • tape devices
    • network connections
    • other limited resources important to the operation of your organization

    B. Destruction or Alteration of Configuration Information

    An improperly configured computer may not perform well or may not operate at all. An intruder may be able to alter or destroy configuration information that prevents you from using your computer or network.

    For example, if an intruder can change the routing information in your routers, your network may be disabled. If an intruder is able to modify the registry on a Windows NT machine, certain functions may be unavailable.

    C. Physical Destruction or Alteration of Network Components

    The primary concern with this type of attack is physical security. You should guard against unauthorized access to computers, routers, network wiring closets, network backbone segments, power and cooling stations, and any other critical components of your network.

    -----------------------------------------------------------------------------------

    for the full article: http://www.cert.org/tech_tips/denial_of_service.html

  7. #7
    Join Date
    Mar 2009
    Posts
    1

    Default

    Have a look at GigabitDC DDoS prevention. They do cost effective dedicated hosted on their own data center in Switzerland.

  8. #8
    Join Date
    Mar 2009
    Posts
    1

    Default TIME OUT....For a funny story!

    Hi! I just became a part of this forum here and I would love to be a part of it. I love contributing to the community.
    I can probably add some humour to start with. Here are some funny stories that I read somewhere.

    A patient comes to a Dentist with a tooth pain.
    Dentist : Two of you teeth are infected and we need to extract them.
    Patient: How much will it cost?
    Dentist: Seven hundred and fifty dollars for both.
    Patient: What? Seven hundred and fifty dollars for 10 minutes of work?
    Dentist: Well, if you like, I can pull them out slowly!

    Here is another one:

    Husband and wife have just left their home for camping.
    Wife: We should turn the car back! I forgot to turn off the gas stove and it might burn our appartment!
    Husband: It's okay, the apartment will not burn, I forgot to turn off the shower.

    The last one:

    A trial is in progress in the court room.
    Lawyer: Your Honour, if a person has 18 criminal records he is not a criminal.
    Judge: Then who is he?
    Lawyer: He is a Collector.

    Thanks for reading. I hope you enjoyed it.

  9. #9
    Join Date
    Mar 2009
    Posts
    5

    Default Did you hear about BEST software for promo and SEO? ;)

    Wow! This program can EVERYTHING!!! + mass post threads and messages on forums, blogs, guestbooks, boards, bulletins + mass send PM (personal messages) to ALL users on thouthands forums simultaneously (multi-threading) + automatically register e-mail accounts on GMAIL.Com and other email services + automatically break CAPTCHAs - you see, this forum has captcha on registering, but it's was breaked ;) + have a lot of tools for links databases processing and analysing + automatically confirm all links from e-mail account + built-in "question-answer" system, mass post-editing system + a lot of other featuresName of this program - XRumer 5.0 PalladiumNot XRunner, not XRoomer, not xrumer - but XRumer.(versions XRumer 2.9 and XRumer 3.0 are too old)Just ask Google! ;)

  10. #10
    Join Date
    Apr 2009
    Posts
    1

    Default Nice post.

    I'm new to the forum. Nice post.
    Last edited by gepRotexporge; 04-02-2009 at 05:42 PM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •