Diidmada Adeegga La Qaybiyay^{(Distributed Denial of Service)} ama DDoS waxay leedahay taariikh dheer, waxayna noqotay gebi ahaanba mid guud markii kooxda Anonymous ay bilaabeen hawlgalladooda ka dhanka ah shabakad kasta oo ka dhan ah Wikileaks . Ilaa waagaas, ereyga iyo waxa loola jeedo waxaa yaqaan oo keliya dadka aqoonta u leh Amniga Internetka^{(Internet Security)} .

Diidmada Adeegga Qaybsan

Waxaan rabaa in aan ku daboolo qaar ka mid ah hababka DDoS ee caanka ah maqaalkan ka hor inta aan ka hadlin hababka looga fogaado ama looga hortago weerarrada DDoS .

Waa maxay weerarrada DDOS?

Waxaan hubaa in dhammaantiin aad garanaysaan macnihiisa. Kuwa ku cusub ereyga, waa "la qaybiyey" Diidmada Adeegga^{(Denial of Service)(Denial of Service)} - waxaa sababa codsiyada badan ee serferka oo aan awood u lahayn.

Marka la awoodi waayo in la socodsiiyo codsiyada wakhtiga dhabta ah sababta oo ah taraafig badan oo ay si ula kac ah u soo diraan tiro kombuyuutar ah oo la jabsaday, server-ka goobta ayaa soo laalaada oo joojiya ka jawaabista codsiyada kale ee macaamiisha kala duwan. Shabakadda kombuyuutarrada la jabsaday waxaa loo yaqaan ' BOTNETS ' . Asal ahaan^(Basically) , dhammaan kombiyuutarada iyo qalabka casriga ah ee shabakada waxaa gacanta ku haya tuugada oo dadka kombiyuutarada leh ma oga in la jabsaday.

Maadaama codsiyadu ay badan yihiin oo ay meelo kala duwan ka yimaadeen (gobolada kombiyuutarada la jabsaday way kala duwanaan karaan), waxa loo yaqaan " Diidmada^{(Distributed Denial)} Adeegga Qaybsan" ama DDoS oo kooban. Si ay DDoS u dhacdo, tirada iyo xoojinta isku-dayga isku xirka waa in ay ka badan yihiin waxa Server -ka la beegsaday  uu xamili karo. Haddii xajmigu sarreeyo, weerare kasta oo DDoS ah wuxuu u baahan doonaa kombiyuutaro badan iyo codsiyo badan si loo soo dejiyo server-ka.

TALO^(TIP) : Google Project Shield waxa ay bixisaa ilaalinta DDoS lacag la'aan ah iyo mareegaha dooro.

Hababka DDoS ee caanka ah & Qalabka Weerar

Waxaan hadda ka wada hadalnay mid ka mid ah hababka badan ee DDoS ee qaybta sare. Waxaa loo yaqaan " Diidashada la qaybiyey^{(distributed denial)} " maadaama khadadka isgaarsiintu aysan furmin hal ama laba laakiin boqolaal kombuyuutar ah oo la jabsaday. Hacker-ka haysta kombiyuutaro badan ayaa mar kasta bilaabi kara inuu codsiyo u diro server-ka uu rabo inuu soo dejiyo. Maadaama aysan ahayn hal ama laba laakiin kombiyuutaro badan ayaa la geliyay meeraha, waa la "qeybiyay". Seerfarku mar dambe ma danayn karo codsiyada soo socda iyo shilalka.

Hababka kale waxaa ka mid ah habka gacan^{(Handshake method)} -qaadka . Xaalad caadi ah, kumbuyuutarkaagu wuxuu furay khadka TCP ee seerfarka. Seerfarku wuu jawaabay oo wuxuu ku sugayaa inaad dhammaystirto gacan-qaadka. Gacan qaadku waa ficilo u dhexeeya kombuyuutarkaaga iyo server-kaaga ka hor intaysan bilaabmin wareejinta xogta dhabta ah. Xaaladda weerarka, hackers-ku wuxuu furayaa TCP laakiin waligiis ma dhammaystiro gacan-qaadka - sidaas darteed ilaalinta server-ka ayaa sugaya. Mareegaha kale hoos?!

Habka degdega ah ee DDoS waa habka UDP^{(UDP method)} . Waxay u shaqeysaa adeegayaasha DNS (Adeegga Magaca Domain)^{(DNS (Domain Name Service))} si ay u bilaabaan weerarka DDoS . Xallinta URL-^(URL) ka caadiga ah , kombuyuutaradaadu waxay shaqaaleeyaan Isticmaalaha Datagram Protocol^{(User Datagram Protocol)} ( UDP ) maadaama ay ka dhaqso badan yihiin xirmooyinka caadiga ah ee TCP . UDP , marka la soo koobo, maahan mid la isku halleyn karo maadaama aysan jirin si loo hubiyo baakadaha la tuuray iyo waxyaabaha la midka ah. Laakiin waxaa loo adeegsadaa meel kasta oo xawaaraha uu walaac weyn ka qabo. Xataa goobaha ciyaaraha ee onlineka ah waxay isticmaalaan UDP . Hackers waxay isticmaalaan daciifnimada UDPxirmo si ay u abuuraan daad fariimaha server ah. Waxay abuuri karaan baakado been abuur ah oo u muuqda inay ka imanayaan server-ka la beegsaday. Weydiintu waxay noqon doontaa shay u diri doona tiro badan oo xog ah server-ka la beegsaday. Sababtoo ah waxaa jira xaliyayaal badan oo DNS ah, waxay u fududaanaysaa hacker-ku inuu bartilmaameedsado server-ka keena goobta. Xaaladdan oo kale, sidoo kale, server-ka la beegsaday ayaa helaya su'aalo/jawaabo ka badan inta uu xamili karo.

Akhriso^(Read) : Waa maxay Diidmada Adeegga Madax-furashada^{(What is Ransom Denial of Service)} ?

Waxaa jira qalab badan oo dhinac saddexaad ah oo u dhaqma sida botnet haddii uu jabsaday uusan haysan kombiyuutaro badan. Waxaan xasuustaa mid ka mid ah kooxaha jabsiga badan ee dadka waydiinaya Twitter- ka inay ku buuxiyaan xogta aan tooska ahayn ee foomka bogga internetka oo ay ku garaacaan Dir^(Send) . Ma aanan samayn laakiin waxaan jeclaa sida ay u shaqeyso. Malaha, waxay sidoo kale u dirtay spam soo noqnoqda ee server-yada ilaa saturation laga gudbay oo seerfarku hoos u dhacay. Waxaad ka raadin kartaa aaladahaas internetka^(Internet) . Laakin xasuusnoow in jabsiga uu yahay dambi, mana taageerno wax dambiyada internetka^{(Cyber Crimes)} ah . Tan waxa loogu talagalay macluumaadkaaga kaliya.

Markaan ka hadalnay hababka weerarrada DDoS , aan aragno inaan iska ilaalin karno ama ka hortagi karno weerarrada DDoS .

Akhriso^(Read) : Waa maxay Koofiyadda Madow, Koofiyadda Cawlan ama Koofiyadda Cad ee Hacker?

Ilaalinta & ka hortagga DDoS

Ma jiraan wax badan oo aad sameyn karto, laakiin weli, waxaad yareyn kartaa fursadaha DDoS adiga oo qaadaya taxaddar. Mid ka mid ah hababka ugu badan ee loo isticmaalo weerarrada noocan oo kale ah ayaa ah in lagu xiro xawaaraha server-kaaga codsiyada been abuurka ah ee botnets. Iibsashada wax yar oo xajmi ah ayaa yarayn doonta ama xitaa ka hortagi doonta weerarrada DDoS , laakiin waxay noqon kartaa hab qaali ah. Xaddi badan oo xajmiyeedka macnaheedu waa inaad lacag badan siisaa adeeg bixiyahaaga.

Waxa kale oo wanaagsan in la isticmaalo habka dhaqdhaqaaqa xogta qaybsan. Taasi waa, halkii aad ka ahaan lahayd hal server, waxaad haysataa xog-hayayaal kala duwan oo ka jawaabaya codsiyada qaybo ka mid ah. Waxay ahaan lahayd mid aad qaali u ah waagii hore markii aad iibsan lahayd adeegayaal badan. Maalmahan, xarumaha xogta waxaa lagu dabaqi karaa daruuraha - sidaas darteed hoos u dhigista culeyskaada oo aad ka qaybiso server-yada oo dhan halkii aad ka ahaan lahayd hal server.

Xitaa waxaad isticmaali kartaa muraayadda haddii uu dhaco weerar. Server-ka muraayada waxa uu ka kooban yahay nuqulkii ugu dambeeyay (ma taagan) ee shayada ku jira seerfarka muhiimka ah. Halkii aad isticmaali lahayd server-yada asalka ah, waxaa laga yaabaa inaad rabto inaad isticmaasho muraayadaha si taraafikada soo galaya loo leexiyo, sidaas darteed, DDoS waa la fashilin karaa/ laga hortagi karaa.

Si loo xiro server-ka asalka ah oo aad u bilowdo isticmaalka muraayadaha, waxaad u baahan tahay inaad haysatid macluumaadka ku saabsan taraafikada soo galaya iyo kuwa ka baxaya shabakada. Isticmaal qaar ka mid ah kormeeraha kuwaas oo ku tusaya xaaladda saxda ah ee taraafikada iyo haddii ay qeylo dhaan, xirto serverka weyn, oo u leexiya taraafikada muraayadaha. Haddii kale, haddii aad taraafikada ku ilaalinayso, waxaad isticmaali kartaa habab kale si aad wax uga qabato taraafikada, adigoon xidhin.

Waxa kale oo aad tixgelin kartaa isticmaalka adeegyada sida Sucuri Cloudproxy ama Cloudflare maadaama ay bixinayaan ka hortagga weerarrada DDoS .

Kuwani waa qaar ka mid ah hababka aan u malayn karo, si looga hortago loona yareeyo weerarrada DDoS, oo ku salaysan dabeecadooda. Haddii aad wax khibrad ah kala kulantay DDoS, fadlan nala wadaag.^{(These are some methods I could think of, to prevent and reduce DDoS attacks, based on their nature. If you have had any experiences with DDoS, please share it with us.)}

Sidoo kale akhri^{(Also read)} : Sida loogu diyaargaroobo oo loola tacaalo weerarka DDoS .

DDoS Distributed Denial of Service Attacks: Protection, Prevention

Distributed Denial of Service or DDoS has a long history, and it became completely mainstream when the Anonymous group started its operations against any website against Wikileaks. Until then, the term and what it meant was known only to people with knowledge of Internet Security.

Distributed Denial of Service

I intend to cover some notable DDoS methods in this article before discussing methods to avoid or prevent DDoS attacks.

What are DDOS attacks?

I am sure all of you know its meaning. For those new to the term, it is “distributed” Denial of Service – caused by the way too many requests to the server than it can handle.

When unable to process requests in real-time due to high traffic that is intentionally being sent by a number of compromised computers, the site server hangs and stops responding to any more requests from different clients. The network of compromised computers is referred to as BOTNETS. Basically, all the computers and smart appliances in the network are controlled by hackers and the people owning those computers are not aware that they’ve been hacked.

Since the requests are many and come from different places (regions of hacked computers may vary), it is called a “Distributed Denial of Service” or DDoS for short. For a DDoS to happen, the number and intensity of connection attempts should be more than what the targeted Server can handle. If the bandwidth is high, any DDoS attacker will need more computers and more frequent requests to bring the server down.

TIP: Google Project Shield offers free DDoS protection yo select websites.

Popular DDoS Methods & Attack Tools

We just discussed one of the many DDoS methods in the above section. It is called “distributed denial” as the communication lines are opened by not one or two but hundreds of compromised computers. A hacker who has access to many computers can anytime start sending requests to the server he wants to bring down. Since it is not one or two but many computers placed across the planet, it is “distributed”. The server can no longer cater to incoming requests and crashes.

Among other methods is the Handshake method. In a normal scenario, your computer opens a TCP line with the server. The server responds and waits for you to complete the handshake. A handshake is a set of actions between your computer and server before actual data transfer begins. In the case of an attack, the hacker opens TCP but never completes the handshake – thus keeping the server waiting. Another website down?!

A quick DDoS method is the UDP method. It employs DNS (Domain Name Service) Servers for initiating a DDoS attack. For normal URL resolutions, your computers employ User Datagram Protocol (UDP) as they are faster than the standard TCP packets. UDP, in short, is not much reliable as there is no way to check dropped packets and things like that. But it is used wherever speed is a major concern. Even online gaming sites use UDP. Hackers use the weaknesses of UDP packets to create a flood of messages to a server. They can create fake packets that appear as coming from the targeted server. The query would be something that would send large amounts of data to the targeted server. Because there are multiple DNS resolvers, it becomes easier for the hacker to target a server that brings down the site. In this case, too, the targeted server receives more queries/responses than it can handle.

Read: What is Ransom Denial of Service?

There are many third-party tools that act like a botnet if the hacker does not have many computers. I remember one of the many hacking groups asking people on Twitter to fill in random data in some web page form and hit Send. I did not do it but was curious how it worked. Probably, it too sent repeated spam to servers until the saturation was crossed and the server went down. You can search for such tools on the Internet. But remember that hacking is a crime, and we do not endorse any Cyber Crimes. This is just for your information.

Having talked about methods of DDoS attacks, let us see if we can avoid or prevent DDoS attacks.

Read: What is Black Hat, Grey Hat or White Hat Hacker?

DDoS protection & prevention

There is not much you can do but still, you can reduce DDoS chances by taking some precautions. One of the most used methods by such attacks is to clog your server bandwidth with fake requests from botnets. Buying a little more bandwidth will reduce or even prevent DDoS attacks, but it can be a costly method. More bandwidth means paying up more money to your hosting provider.

It is also good to use a distributed data movement method. That is, instead of just one server, you have different datacenters that respond to requests in parts. It would have been very costly in the older days when you had to buy more servers. These days, data centers can be applied to the cloud – thus reducing your load and distributing it from across servers instead of just one server.

You may even use mirroring in case of an attack. A mirror server contains the most recent (static) copy of the items on the main server. Instead of using the original servers, you might want to use mirrors so that the traffic coming in can be diverted, and thus, a DDoS can be failed/prevented.

In order to close the original server and start using mirrors, you need to have information about incoming and outgoing traffic on the network. Use some monitor that keeps displays you the true state of traffic and if it alarms, closes the main server, and diverts traffic to mirrors. Alternatively, if you are keeping a tab on traffic, you may use other methods to deal with the traffic, without having to shut it down.

You can also consider using services like Sucuri Cloudproxy or Cloudflare as they offer protection against DDoS attacks.

These are some methods I could think of, to prevent and reduce DDoS attacks, based on their nature. If you have had any experiences with DDoS, please share it with us.

Also read: How to prepare for and deal with a DDoS attack.

Related posts

• Diidmada Adeegga (DoS) Weerar: Waxa uu yahay iyo sida looga hortago

• Weerarada Xoogaga Caadiga ah - Qeexida iyo Kahortagga

• Waa maxay Weerarka Dhexe ee Man-In-The-Middle (MITM): Qeexid, Ka-hortagga, Qalabka

• Adeegga Shabakadda SmartByte wuxuu sababaa xawaaraha Internetka oo gaabis ah Windows 11/10

• Weerarada Nuglaanta Afduubka DLL, Kahortagga & Ogaanshaha

• Screamer Radio waa barnaamij Raadiye Internet oo hufan oo loogu talagalay Windows PC

• Internetka oo dhan ma dumi karaa? Isticmaalka xad dhaafka ah ma dumin karaa internetka?

• Ammaanka Internetka ee TACHYON waa beddelka habboon ee aaladaha kale ee bilaashka ah

• Astaanta shabkada waxa ay tidhaahdaa Ma jiro internet gal, laakiin waan ku xidhanahay

• Oggolow ama ka jooji pop-upka Chrome, Firefox, Edge, Opera, Internet Explorer

• Liiska Software-ka Qarsoonnimada Internetka ee Bilaashka ah ugu Fiican & Alaabooyinka loogu talagalay Windows 11/10

• Sida loo beddelo ama loo beddelo goobaha WiFi Router kaaga?

• Sida loo damiyo Cusbooneysii Automatic ee Microsoft Edge ama Internet Explorer

• Domain Fronting oo ay weheliso Khatarta iyo

• Ku samee Xarunta Raadiyaha Internetka oo bilaash ah Windows PC

• Sida loo sameeyo isku xirka internetka Windows 11/10

• Maxay u taagan yihiin khaladaadka Koodhka Xaaladda HTTP ee caadiga ah?

• Internet Explorer shil ay sabab u tahay ertutil.dll on Windows 10

• Dami Internet Explorer 11 sidii biraawsar u taagan oo kali ah addoo isticmaalaya Siyaasadda Kooxda

• Waa maxay Domains Parked iyo Doomaha Qulqulka?