"Logic bombs" are pieces of program code which trigger at a predetermined moment, which may be when a particular date is reached, when a certain command is run, or any other system event.
Therefore, this type of virus may be activated at a specific moment on many machines at once (and is therefore sometimes called a time bomb), for example, on Valentine's Day, or on the anniversary of a major event: The Chernobyl logic bomb activated on April 26, 1999, the 13th anniversary of the nuclear disaster.
Logic bombs are normally used for launching denial of service attacks by overwhelming the network capacity of a website, online service, or business.
A "denial-of-service attack" (abbreviated DoS) is a type of attack that aims to make an organization's services or resources unavailable for an indefinite amount of time. Most of the time, these attacks are aimed at a company's servers, so they may not be used or consulted.
Denial-of-service attacks are a hassle that can affect any company server or any individual connected to the internet. The goal of such an attack is not to retrieve or alter data, but to damage the reputation of companies that are present on the internet and to potentially keep them from operating properly if their activity is based on an information system.
Technically speaking, these attacks are not very complicated, but are not any less effective against any type of machine with a Windows (95, 98, NT, 2000, XP, etc.), Linux (Debian, Mandrake, RedHat, Suse, etc.), Commercial Unix (HP-UX, AIX, IRIX, Solaris, etc.) or any other type of operating system. Most denial-of-service attacks exploit flaws related to the implementation of a TCP/IP model protocol.
Denials of service are usually broken down into two types:
- Denials of service by saturation, which involve flooding a machine with requests so it can no longer respond to actual requests;
- Denials of service by vulnerability exploitation, which involve exploiting a flaw in the remote system so as to make it unusable.
The principle of denial-of-service attacks involves sending IP packets or data of unusual sizes or forms, so as to saturate the target machines or make them unstable and therefore keep them from providing the network services they offer.
When a denial of service is triggered by several machines, this is referred to as "distributed denial of service" (abbreviated DDOS). The most well-known distributed denial-of-service attacks are Tribal Flood Network (abbreviated TFN) and Trinoo.
Protecting yourself from a denial of service
To protect yourself against this type of attack, it is important to keep an active watch over new attacks and vulnerabilities and to retrieve patches from the internet that are designed by software publishers and some specialized groups:
For Further Reading,
0 comments:
Post a Comment