Archive for the ‘Discoveries’ Category
Just stumbled upon this. The pictures speak for themselves.
Our Planet Looks Cool! Doesn’t it?
Jupiter is the Lead Role in this Movie.
Sun – Guess Who’s The Sun!
(Jupiter is about 1 pixel)
(Earth is invisible in this scale)
The Sun is 1 Pixel “big”.
Where are You in all this????
God.. tussi great ho…
I was surfing my msn psm list… when i came across a strange psm lolling @ DDOS attack… I’ve heard of it lots of time.. but didn’t know what it was exactly.. so… i phoned Google.. and found this article.. i read it all.. and now its crystal clear.. just sharing it with all of you. credit to Mr. Larry Rogers, The Author.
What is a Distributed Denial of Service (DDoS) Attack and What Can I Do About It?
by Larry Rogers
What is a Distributed Denial of Service (DDoS) attack?
Have you ever tried to make a telephone call but couldn’t because all the telephone circuits were busy? This may happen on a major holiday and often happens on Mother’s Day. In fact, in the United States, telephone companies used to air commercials on television and radio that suggested you avoid peak calling times by making your calls early or late in the day.
The reason you couldn’t get through is because the telephone system is designed to handle a limited number of calls at a time. That limit was determined by weighing the cost of having all calls get through all the time with the amount of traffic the system receives. If the total number of calls is always high, it makes economic sense for the telephone company to provide more capacity to match that demand. However, if the number of calls is low compared to the holiday peaks, then the telephone company will build networks that accommodate only the lower off-peak number of callers and advise their customers to avoid peak calling times. It’s a basic matter of supply and demand.
Imagine that an intruder wanted to attack the telephone system and make the system unusable by telephone customers. How would they do this? One way would be to make call after call in an attempt to make all circuits busy. This type of attack is called a denial of service, or DoS, attack. In essence, the intruder has caused the telephone system to deny service to its customers. It is not likely that one caller working alone can tie up all telephone circuits. To do that would require making as many calls as possible from as many telephones as possible. This is called adistributed denial of service, or DDoS, attack.
Computer systems can also suffer DoS and DDoS attacks. For example, sending an extraordinary amount of electronic mail to someone could fill the computer disk where mail resides. This means that people who use the computer with the full disk cannot receive any new email until the situation changes. While this is an older style of DoS attack, it is still popular today.
In addition, intruders have turned their efforts toward denying people the services provided by networked computers. Examples of frequently attacked services are the World Wide Web1, file sharing services and, more recently, the Domain Name Service2. Because so many of our computers are connected through the Internet, attacking one of these services can have a significant impact on the whole Internet community. For example, by launching a DoS attack on a popular merchant during a high sales period, the intruder affects not only that merchant, but everyone who is then unable to buy their products.
To deny these services to prospective users of a computer service, intruders run specially written computer programs that send extraordinary volumes of Internet "calls" to one of the computers that provides that service, similar to the way that an intruder can tie up the telephone system.
When a computer answers such a call, most often there’s no one on the other end, so answering the call turned out to be a waste of time. Unfortunately, the attacked service cannot tell this in advance, so it has to answer all calls placed to it. Answering each call takes time, and there’s only so much time available. It’s the supply and demand issue all over again.
In addition, the volume of traffic may be so high that the networks connecting the attacking computers to the victim’s computer may also suffer from lower performance. Just like the telephone system and service computers, these networks cannot handle traffic beyond a certain limit. Users wanting services from computers on those networks are denied those services, too. Those networks are also considered victims of a DDoS attack.
How do intruders wage a DDoS attack against a victim’s computer?
First, they build a network of computers that will be used to produce the volume of traffic needed to deny services to computer users. We’ll call this an attack network.
To build this attack network, intruders look for computers that are poorly secured, such as those that have not been properly patched, or those with out-of-date or non-existent anti-virus software. When the intruders find such computers, they install new programs on the computers that they can remotely control to carry out the attack.
Intruders used to hand-select the computers that made up the attack network. These days, however, the process of building an attack network has been automated through self-propagating programs. These programs automatically find vulnerable computers, attack them, and then install the necessary programs. The process begins again as those newly compromised computers look for still other vulnerable computers. Once a DDoS program has been installed on a computer, that program identifies the computer as a member of the attack network. Because of this self-propagation, large attack networks can be built very quickly. A by-product of the network-building phase is yet another DDoS attack, because searching for other vulnerable computers creates significant traffic as well.
Once an attack network is built, the intruder is ready to attack the chosen victim or victims. Some information security experts believe that many attack networks currently exist and are dormant, passively waiting for the command to launch an attack against a victim’s computers. Others believe that once a victim has been identified, the attack network is built and the attack launched soon afterward.
To reduce their chances of being discovered, intruders distribute their attack across computers in different time zones, different legal jurisdictions, and with different systems administrators. Intruders also make the electronic traffic they create appear to be from a computer different from the one that actually created it. This is called IP spoofing, and it is a commonly used method to disguise where an attack is really coming from. If the source of the attack is unknown, it is difficult to stop it, giving intruders free reign with a high likelihood of successfully remaining anonymous.
The MyDoom virus is an example of building such a DDoS attack network. In this case, the attack network was built not through technological vulnerabilities but rather through operational vulnerabilities. Computer system users were coaxed into executing a malicious program that was either sent as an email attachment or as a file downloaded through a Point-To-Point network connection, effectively enrolling their computer system into the attack network. However, instead of remotely controlling the newly installed malicious program as previously described, the intruder designed it to automatically send significant amounts of traffic to http://www.sco.com3 on February 1, 2004 and http://www.microsoft.com on February 3, 2004. See Technical Cyber Security Alert TA04-028A for a detailed explanation of MyDoom. This alert also lists steps that can be taken to remove it from an infected computer system.
What can be done about DDoS attacks?
There are no short-term solutions to eliminate DDoS attacks. Today’s best practices involve making computers and networks more resilient in the face of an attack. We call this survivability.
All systems have their limits. One way to make a system more survivable is to increase these limits; the more resources there are, the better the chances are that the system will survive an increased demand for use. To increase the telephone system’s limits, the telephone company adds more circuits. For a web service, the webmaster might increase the number of connections that a web service can accept; for example, a site could add more web servers. This spreads the increased load over more computers and helps to ensure that no one computer operates too near its limit. The higher the limits of all the potentially affected systems – the network and the computers on that network – the better the chances that network will survive a DDoS attack.
You can do your part to ensure that your computers are never part of a DDoS attack network by following security best practices, such as those inHome Computer Security. Then, be alert to changes in your computer or network performance.
Ask yourself the following questions:
- Are your computers running noticeably slower than usual?
- Is your Internet connection slower than usual?
- Are the activity lights on your high-speed (cable or DSL) modem solid, or on almost all of the time?
Any of these could indicate that your computer system may be a participant in a DDoS attack network. If this happens to you, contact your Internet service provider (ISP) and follow their recommendations. Also, you should strongly consider turning off your computer system or your high speed modem. That will certainly stop the flow of DDoS traffic, though this is only a temporary solution.
If your computer system was a participant in a DDoS attack network, your system was compromised, and attack tools were installed on your computer. You’ll need to determine what the intruders did and then repair the damage. The article There IS an Intruder in My Computer – What Now?describes how to recover from an intrusion on your home computer.
Distributed denial of service attacks are a significant problem. These attacks will be with us for a while, though there is ongoing research on how to reduce them (see the More reading section below). Until then, DDoS is no (tele)phoney baloney!
I got this while checking my old livemail. Instead of fwding it to everyone and getting deteled from tushals inbox even without being read. Thought i’d be better to share it on my blog! So here’s some phylosophy for you all! do read it! It makes sense, and u dnt even have to fwd it!
When things in your life seem almost too much to handle, when 24 hours in a day are not enough, remember the mayonnaise jar and the 2 cups of coffee.
A professor stood before his philosophy class and had some items in front of him. When the class began, he wordlessly picked up a very large and empty mayonnaise jar and proceeded to fill it with golf balls. He then asked the students if the jar was full. They agreed that it was.
The professor then picked up a box of pebbles and poured them into the jar He shook the jar lightly. The pebbles rolled into the open areas between the golf balls. He then asked the students again if the jar was full. They agreed it was.
The professor next picked up a box of sand and poured it into the jar. Of course, the sand filled up everything else. He asked once more if the jar was full. The students responded with an unanimous ‘yes.’
The professor then produced two cups of coffee from under the table and poured the entire contents into the jar effectively filling the empty space between the sand. The students laughed.
‘Now,’ said the professor as the laughter subsided, ‘I want you to recognize that this jar represents your life. The golf balls are the important things—your family, your children, your health, your friends and your favorite passions—and if everything else was lost and only they remained, your life would still be full.
The pebbles are th e other things that matter like your job, your house and your car.
The sand is everything else—the small stuff. ‘If you put the sand into the jar first,’ he continued, ‘there is no room for the pebbles or the golf balls. The same goes for life. If you spend all your time and energy on the small stuff you will never have room for the things that are important to you.
‘Pay attention to the things that are critical to your happiness. Spend time with your children. Spend time with your parents. Visit with grandparents. Take time to get medical checkups. Take your spouse out to dinner. There will always be time to clean the house. the things that really matter. Set your priorities. The rest is just sand.’
One of the students raised her hand and inquired what the coffee represented The professor smiled and said, ‘I’m glad you asked.’
The coffee just shows you that no matter how full your life may seem, there’s always room for a couple of cups of coffee with a friend.’
im a regular Stumble upon surfer… so… one very day, i stumbled upon this very cood site!
You get some paragraphs to type in and it rates your typing speed, counts you mistakes and return a ranking.
its really simple, but believe me! Thats damn damn addictive! My personal best it 215 points, with 52 words per minute. 0 mistakes.
try it out guys n dolls!
back then.. wen i was in form 4.. i dnt remember which day.. i just remember it was break time. my n my friends wen in the class… ti p fer devoir addmaths (pa ti fer homework, lol). And a discussion raised… about a theorem that i had put forward! The Reminder Theorem! (not remainder).. well well… if an apple goes up and comes back down(which has nothing extra ordinary from my nani’s pont of view) is given big big names like Newtons Law of Gravitation…, y cant i do smething similar to a similar similarity!
Lets come back to the Break time in f4 white class. It was a dicussion between me n shehezaad(dude, if ur reading! i havent forgoton u! ). Read the rest of this entry »
Zot truv sa la ban zen…. Its a bit “wavy”… isnt it?? Believe it on not! the lines in this picture are perfectly parallel and perpendicular repectively, and the picture is absolutely static. Its really an amazing illusion.
Dimoune seki pa koner google kieT sa, lev lamain laooo met lamain dan lerein..
Today, i was surfing using GChrome, and as a matter of fact.. i was feeling lucky… so i went on google’s homepage.. i noticed that little button “Im feeling lucky”. Its been there since… pheeew… years ago… and I NEVER CLICKED IT! i thought it was a link to somekind of online arcade or smething… like casino.. bof.. So hell ya! I Clicked it!! And wow… got this super glittery flashing ziggling message i was expecting! Read the rest of this entry »