Twitter was down for hours due to a DDoS on Wednesday (August 5th 2009). Facebook was also experiencing similar attack on Wednesday. The attack was effectively preventing Twitter’s users to access the popular website. Popular websites like Twitter and Facebook have million of users that use huge amount of server resource, and on top of that — not one hacker but many — are trying to claim some fame (money and so on) by attacking these established websites. If not scale properly, even big websites like Twitter and Facebook are susceptible to DDoS.
Wikipedia has an explanation of what is DDoS. To simplify the meaning of DDoS, it’s a type of hack where hackers have access to hacked computers (usually in thousands or a lot more), and they use the hacked computers to send countless requests to shut down their targets (i.e., Twitter, Facebook). If hackers want to steal information from the service or services, it’s very unlikely for hackers to deploy DDoS. By deploying the DDoS, hackers announce to the system administrators that they are being hacked. It’s unwise to steal information and let the system administrators know that they are getting hacked at the same time.
Small websites and big websites may use the combination of hardware firewall and software firewall to thwart DDoS. Using hardware firewall will not affect server’s performance. Using software firewall may hog huge amount of server resource. Hardware firewall may not try to stop worms that had infected the network from connecting to the Internet. Software firewall is better at stopping worms from connecting to the Internet. If the hackers are sending legitimate requests to the servers, there is no way for hardware firewall or software firewall to stop the attack. Sophisticated DDoS is hard to stop since requests are make by legitimate computers that spread all over the Internet in different countries and so on. Tracing the hackers that are behind the attacks can also prove to be very difficult.
Vinh Nguyen
