Weligaa ma dareentay gaabis aan caadi ahayn oo ku yimid xawaaraha shabakadaada ama la'aanta lama filaanka ah ee mareegaha qaarkood? Fursadaha waxa ay noqon kartaa in uu jiro weerar Diidmada Adeegga^{(Denial of Service attack)} oo socda. Waxaa laga yaabaa inaad taqaan ereyga - Diidmada Adeegga^{(Denial of Service)} laakiin dhab ahaantii, way adkaan kartaa in la kala saaro weerarka dhabta ah iyo dhaqdhaqaaqa shabakada caadiga ah. Diidmada Adeegga (ama DoS)^{(Denial of Service (or DoS))} , kaas oo, sida magacaba ka muuqata, si toos ah ula xidhiidha diidmada adeeg, gaar ahaan, internetka^(Internet) .

Weerarka DoS waa nooc ka mid ah weerarka wax ku cuna kheyraadka isticmaalaha oo shabkada hoos u dhiga jilbaha, si looga hortago isticmaaleyaasha sharciga ah inay galaan shabakad kasta. Weerarka DoS wuxuu ahaa oo weli ah mid ka mid ah weerarrada ugu casrisan ee aan midna lahayn siyaasad ka hortag ah oo suurtagal ah. Maqaalkan, waxaanu ku iftiimin doonaa waxa uu yahay weerarka DoS iyo sida ugu wanaagsan ee looga hortagi karo iyo waxa la sameeyo haddii aad ogaato in lagu soo weeraray.

Waa maxay DoS ama Diidmada^(Denial) Adeegga Weerar^{(Service Attack)}

Weerarka DoS , weeraryahan ujeedo xaasidnimo leh ayaa ka horjoogsada isticmaalayaasha inay helaan adeeg. Waxa uu sidaas ku sameeyaa adiga oo bartilmaameedsanaya kombayutarkaada iyo isku xidhka shabakada, ama kombayutarada iyo shabakada shabakada ee aad isku dayayso inaad isticmaasho. Markaa wuxuu kaa hor istaagi karaa inaad gasho iimaylkaaga ama akoonkaaga internetka.

Bal qiyaas xaalad, halkaas oo aad isku dayayso inaad gasho akoonkaaga Bangiga Internetka ee dhaqdhaqaaqa wax kala iibsiga onlaynka ah. ^{(Internet Banking)}Si kastaba ha ahaatee, si kasta oo la yaab leh, ayaa laga yaabaa in laguu diido inaad gasho bogga bangiga, in kasta oo aad leedahay xiriir internet oo degdeg ah. Hadda waxaa jiri kara laba fursadood - ama adeeg bixiyahaaga internetka ayaa go'an ama waxaad ku jirtaa weerar DoS !

Weerarka DoS , weeraryahanku wuxuu soo diraa daadad codsiyo aan caadi ahayn server-ka ugu weyn ee shabakada su'aasha, kaas oo asal ahaan xad dhaaf ah oo xannibaya codsi kasta oo dheeri ah ka hor inta aan awoodda dib loo hayn. Tani waxay sababtaa diidmada codsiyada sharciga ah ee website-kan oo sidaas awgeed, adiga ayaa dhibbanaha ah^{( you’re the victim)} .

Si kastaba ha ahaatee, siyaabaha weerarku way kala duwanaan karaan iyadoo lagu salaynayo ujeedooyinka qofka weerarka gaystay laakiin tani waa habka ugu badan ee lagu qaado weerarka DoS . Siyaabaha kale ee loo weeraro waxaa ka mid noqon kara ka hortagga qof gaar ah inuu galo degel gaar ah, xannibaadda isku xirka labada mishiin ee dhammaadka server-ka, sidaas darteed, carqaladaynta adeegga, iwm.

Qaar ka mid ah weeraryahanada ayaa sidoo kale ku kaca nooc kale oo weerar DoS ah - Iimayl qarxin^{(Email bombing)} kaas oo fara badan oo emails spam ah la soo saaray oo lagu daadiyay sanduuqa qofka si^(Inbox) codsi kasta oo kale oo loo diro server-ka laga joojiyo. Tani waxay ku dhici kartaa si ballaaran, xitaa koontada iimaylka ee ay ku siiyeen loo-shaqeeyayaasha, ma aha in la xuso adeegyada boostada dadweynaha sida Yahoo, Outlook, iwm^{(Yahoo, Outlook, etc)} . Xitaa waxaa lagaa joojin karaa inaad hesho iimaylo kale oo sharci ah maadaama qoondada kaydintaada la buuxin doono. Iyaga oo hammigooda ku jira noocyo badan oo kala duwan, dhiirigelinta weerar-yahanadu waxa ay u dhaxayn kartaa 'kaliya- madadaalo' ilaa dhaqaale la'aan iyo aargoosi.

Xiriirinta^(Related) : Browser ayaa ku xayirmay hubinta Browserkaaga ka hor intaadan gelin^{(Checking Your Browser Before Accessing)} fariinta.

Noocyada Weerarada DoS

Iyada oo ku saleysan dabeecadda iyo ujeedada weerarka, waxaa jira dhowr nooc oo barnaamijyo ah oo loo isticmaali karo in lagu bilaabo weerarrada DoS^(DoS) ee shabakadaada. Fiiro gaar ah u yeelo weerarada DoS ee inta badan la isticmaalo:^(DoS)

1] SYN Daadka

Daadka SYN^{(SYN Flood)} waxa ay ka faa'iidaysataa habka caadiga ah ee lagu furo xidhiidhka TCP . Marka macmiilku rabo inuu furo xidhiidhka TCP ee marinka furan ee adeegaha, waxa uu soo diraa xidhmo SYN ah. Seerfarku waxa uu helayaa xidhmooyinka, farsameeyaa, ka dibna dib ayuu u soo diraa xidhmada SYN-ACK^{( SYN-ACK)} oo ay ku jirto macluumaadka macmiilka isha ee ku kaydsan miiska Xakamaynta Gudbinta (TCB) . ^{(Transmission Control Block (TCB))}Duruufaha caadiga ah marka ay jiraan, macmiilku waxa uu soo celin doonaa xidhmada ACK^(ACK) isaga oo qiraya jawaabta serferka oo markaa furaya xidhiidhka TCP . Si kastaba ha ahaatee, hoos iman kara weerar daadka SYN^{(SYN flood attack)},Weeraruhu waxa uu soo diraa codsiyo xidhiidhin ciidan ah isaga oo isticmaalaya ciwaanka IP-ga ee parody kaas oo loola dhaqmo codsiyo sharci ah mashiinka bartilmaameedka. Ka dib, waxay ku mashquulsan tahay habaynta mid kasta oo kuwaas ka mid ah waxayna isku daydaa inay furto xidhiidh dhammaan codsiyadan xunxun.

Duruufaha caadiga ah marka ay jiraan, macmiilku waxa uu soo celin doonaa xidhmada ACK^(ACK) isaga oo qiraya jawaabta serferka oo markaa furaya xidhiidhka TCP . Si kastaba ha ahaatee, marka la eego weerarka daadka SYN^(SYN) ee suurtagalka ah, weeraryahanku wuxuu soo diraa codsiyo xiriirin ah isagoo isticmaalaya ciwaanka IP-ga oo loo daweeyay codsiyo sharci ah mashiinka bartilmaameedka. Ka dib, waxay ku mashquulsan tahay habaynta mid kasta oo kuwaas ka mid ah waxayna isku daydaa inay furto xidhiidh dhammaan codsiyadan xunxun. Tani waxay keenaysaa in seerfarku uu sii sugayo xidhmada ACK^(ACK) codsi kasta oo xidhiidh ah kaas oo runtii waligiis iman. Codsiyadani waxay si dhakhso ah u buuxinayaan TCB server-ka^(TCB)miiska ka hor inta uusan wakhti ka qaadin xiriir kasta oo sidaas darteed codsiyo xiriir oo kale oo sharci ah ayaa lagu riixaa safka sugitaanka.

Akhriso^(Read) : Waa maxay Diidmada Adeegga Madax-furashada^{(What is Ransom Denial of Service)} ?

2] HTTP daad

Tan waxaa inta badan loo adeegsadaa weerarrada adeegyada iyo codsiyada shabakadda. Iyadoo aan xoogga la saarin taraafikada shabakada heerka sare ah, weerarkani wuxuu soo dirayaa codsiyada HTTP POST^{(HTTP POST requests)} oo dhamaystiran oo muuqda . Loogu talagalay si gaar ah si loo damiyo ilaha bartilmaameedka, weeraryahanku wuxuu soo diraa tiro ka mid ah codsiyadan si uu u hubiyo in codsiyada sharciga ah ee dheeraadka ah uusan soo marin server-ka bartilmaameedka ah inta ay ku mashquulsan tahay socodsiinta codsiyada been abuurka ah. Haddana way fududahay laakiin aad bay u adag tahay in la kala saaro codsiyada HTTP iyo kuwa saxda ah maadaama waxa ku jira Madaxa^(Header) ay u muuqdaan kuwo la aqbali karo labada xaaladoodba.

3] Diidmada La Qaybiyay^{(Distributed Denial)} Weerar Adeeg^{(Service Attack)} ( DDoS )

Diidmada Adeegga la qaybiyay^{(Distributed Denial of Service)} ama weerarka DDoS waa sida sarkaalka la qurxiyay ee kooxdan. In badan oo aad u casrisan oo ka sarreeya weerarka caadiga ah ee DoS , DDoS waxay soo saartaa taraafikada mashiinka bartilmaameedka iyada oo loo marayo in ka badan hal kombiyuutar. Weeraryahanku waxa uu hal mar gacanta ku hayaa dhawr kombiyuutaro iyo qalab kale oo la jabsaday waxana uu u qaybiyaa hawsha daadinta server-ka la beegsanayo taraafikada, isaga oo si aad ah u cunaya kheyraadkiisa iyo baaxaddiisa. Weeraryahanku waxa kale oo uu u isticmaali karaa kombiyuutarkaaga si uu u weeraro kombuyuutar kale haddii ay jiraan arrimo ammaan oo soo jiitamayey.

Hadda, sida muuqata sida ay tahay, weerarka DDoS^{(DDoS attack)} wuxuu noqon karaa mid waxtar badan oo dhab ah marka la barbardhigo  DoS . Qaar ka mid ah mareegaha si fudud u xamili kara iskuxiryo badan ayaa si fudud loo dejin karaa iyadoo la soo dirayo codsiyo spam oo badan oo isku mar ah. Botnets- ka waxaa loo isticmaalaa in lagu shaqaaleysiiyo dhammaan noocyada kala duwan ee aaladaha nugul kuwaas oo ammaankooda la waxyeeleyn karo iyada oo la isku duro fayraska iyaga oo u saxiixaya ciidanka Zombie^{(Zombie army)} kaas oo weeraryahanku uu xakameyn karo oo u isticmaali karo weerarka DDoS . Sidaa darteed^(Hence) , adigoo ah isticmaale kombuyuutar caadi ah, waxaad u baahan tahay inaad ka digtoonaato daldaloolada amniga ee nidaamkaaga iyo agagaarkeeda haddii kale waxaa laga yaabaa inaad ku dhameysato qof shaqadiisa wasakhaysan oo aadan weligaa ka ogeyn.

Kahortagga weerarka DoS

Weerarada DoS^(DoS) horay looma sii go'aamin karo. Kama hor istaagi kartid inaad noqoto dhibane weerarka DoS . Ma jiraan siyaabo badan oo wax ku ool ah taas. Si kastaba ha ahaatee, waxaad yarayn kartaa rajada ah inaad ka mid noqoto weerarkan oo kale halkaasoo kombuyuutarkaaga loo isticmaali karo in lagu weeraro mid kale. Hoos ka fiirso qodobbada muhiimka ah ee kaa caawin kara inaad nasiibkaaga hesho.

1. Geli barnaamijka antivirus iyo firewall shabakadaada haddii aan hore loo samayn. Tani waxay gacan ka geysaneysaa xaddididda isticmaalka xadhkaha xatooyada isticmaalayaasha la xaqiijiyay oo keliya.
2. Habaynta adeegaha^{(Server configuration)} ayaa kaa caawin kara yaraynta itimaalka in la weeraro. Haddi aad tahay maamulaha shabakada qaar ka mid ah shirkadaha, u fiirso qaabaynta shabakadaada oo adkee siyaasadaha dab-damiska si aad uga ilaaliso isticmaalayaasha aan la hubin inay wax ka qabtaan ilaha serverka.
3. Qaar ka mid ah adeegyada dhinac saddexaad waxay^{(third-party services)} bixiyaan hagitaan iyo ilaalin weerarrada DoS^(DoS) . Kuwani waxay noqon karaan kuwo qaali ah laakiin sidoo kale waxtar leh. Haddii aad leedahay raasamaal si aad u geliso adeegyadan shabakadaada, si fiican u soco.

Weerarada DoS waxaa guud ahaan lagu bartilmaameedsadaa hay'adaha^{(high-profile organizations)} caanka ah sida bangiyada iyo shirkadaha maaliyadda, ganacsiga iyo ganacsiga, iwm. Waa in qofku si buuxda uga warqabo oo uu sii fiiriyaa garabka si uu uga hortago weerar kasta oo iman kara. Inkastoo weerarradani aysan si toos ah ula xiriirin xatooyada macluumaadka sirta ah, waxay dhibbanayaasha ku lumin kartaa waqti iyo lacag aad u badan si ay dhibaatada uga takhalusaan.

Xiriirinta waxtarka leh:^{(Useful links:)}

• Kahortagga Diidmada ^(Denial)Weerarada^{(Service Attacks)} Adeegga – MSDN
• Hababka ugu Fiican ee Ka Hortagga DoS/Denial Weerarada Adeegga^{(Service Attacks)} – MSDN
• Fahamka Weerarrada Adeegga Diidmada^{(Denial-of-Service Attacks)} - US-Cert.go v
• Difaaca Xafiiska 365^{(Office 365)} ee Diidmada^{(Against Denial)} Weerarada Adeegga - Wax badan ka akhri ^{(Service Attacks – Read)}Microsoft
• Isha sawirka Wikipedia.

Denial of Service (DoS) Attack: What it is and how to prevent it

Have you ever felt an unusual slowness in your network speed or unexpected unavailability of a certain websіte? Chances could be that there could be a Denial of Service attack in progress. You might be familiar with the term – Denial of Service but in reality, it can be difficult to distinguish between a real attack and normal network activity. Denial of Service (or DoS) attack, which, as the name suggests, directly relates to being denied a service, notably, the Internet.

A DoS attack is a kind of attack that eats upon the resources of a user and brings the network down to its knees, thereby preventing legitimate users from accessing any website. The DoS attack has been and remains one of the most sophisticated attacks to which one does not have a potential prevention policy. In this post, we’ll shed some light on what is a DoS attack and how to better prevent it and what to do in case you know that you’re attacked.

What is DoS or Denial of Service Attack

In a DoS attack, an attacker with malicious intent prevents users from accessing a service. He does so by either targeting your computer and its network connection, or the computers and network of the website that you are trying to use. He can thus prevent you from accessing your email or online accounts.

Imagine a situation, where you are trying to log into your Internet Banking account for online transaction activity. However, as strange as it may seem, you are denied access to the bank’s website, in spite of having a swift internet connection. Now there could be two possibilities – either your internet service provider is down or you’re under a DoS attack!

In a DoS attack, the attacker sends out a flood of superfluous requests to the main server of the website in question, which basically overloads it and blocks out any further requests before the capacity is retained back. This causes a denial of the incoming legitimate requests for this website and consequentially, you’re the victim.

However, the ways of attack may differ based on the motives of the attacker but this is the most common way to launch a DoS attack. Other ways of attacking may involve preventing a particular person from accessing a certain website, obstructing the connection between two machines at the server end, therefore, disrupting the service, etc.

Some attackers also act on another kind of DoS attack – Email bombing in which a lot of spam emails are generated and flooded into one’s Inbox so that any further request to the mail server is debarred. This can happen widely, even on the email account provided to you by your employers, not to mention the public mail services like Yahoo, Outlook, etc. You can even get deprived of receiving any further legitimate emails as your allotted storage quota will be filled up. With a great deal of variety in their ambitions, the motivation of attackers may range from ‘just-for-fun’ to financial clinch to revenge.

Related: Browser stuck at Checking Your Browser Before Accessing message.

Types of DoS Attacks

Based on the nature and intent of the attack, there are several types of programs that can be used to launch DoS attacks on your network. Take a note of the below most commonly used DoS attacks:

1] SYN Flood

SYN Flood takes undue advantage of the standard way to open a TCP connection. When a client wants to open a TCP connection with the server’s open port, it sends out a SYN packet. The server receives the packets, processes it, and then sends back a SYN-ACK packet which includes the source client’s information stored in Transmission Control Block (TCB) table. Under normal circumstances, the client would send back an ACK packet acknowledging the server’s response and hence opening a TCP connection. However, under a potential SYN flood attack, the attacker sends out an army of connection requests using a parody IP address which are treated as legitimate requests by the target machine. Subsequently, it gets busy processing each one of these and makes an attempt to open a connection for all of these malevolent requests.

Under normal circumstances, the client would send back an ACK packet acknowledging the server’s response and hence opening a TCP connection. However, under a potential SYN flood attack, the attacker sends out an army of connection requests using a parody IP address which are treated as legitimate requests by the target machine. Subsequently, it gets busy processing each one of these and makes an attempt to open a connection for all of these malevolent requests. This causes the server to keep waiting for an ACK packet for each connection request which actually never arrives. These requests quickly fill up the server’s TCB table before it can time any connection out and thus any further legitimate connection requests are pushed into the waiting queue.

Read: What is Ransom Denial of Service?

2] HTTP Flood

This is most commonly used for attacking web services and applications. Without putting much emphasis on high-rate network traffic, this attack sends out a complete and seemingly valid HTTP POST requests. Designed specifically to exhaust the target server’s resources, the attacker sends out a number of these requests to make sure the further legitimate requests are not pulled through by the target server while it is busy processing the fake requests. Yet so simple but it is very difficult to distinguish these HTTP requests from the valid ones as the content of the Header seems admissible in both the cases.

3] Distributed Denial of Service Attack (DDoS)

Distributed Denial of Service or DDoS attack is like the decorated officer in this gang. Much sophisticated by levels above normal DoS attack, DDoS generates the traffic on the target machine via more than one computer. The attacker controls several compromised computers and other devices at once and distributes the task of flooding the target server with traffic, heavily eating on its resources and bandwidth. The attacker can also use your computer to launch an attack on another computer if there are lingering security issues.

Now, as obvious as it is, a DDoS attack can be much more effective and real when comparing to DoS. Some websites which can easily handle multiple connections can be brought down easily by sending numerous simultaneous spam requests. Botnets are used to recruit all sorts of vulnerable devices whose security can be compromised by injecting a virus into them and signing them up for Zombie army which the attacker can control and use them for a DDoS attack. Hence, being a normal computer user, you need to be aware of security loopholes in and around your system otherwise you might end up doing somebody’s dirty work and never know about it.

DoS attack prevention

DoS attacks can not be pre-determined. You can’t prevent being a victim of the DoS attack. There are not many effective ways to that. However, you can reduce the prospect of being a part of such an attack where your computer can be used to attack another. Take note of below salient points which can help you get the odds in your favor.

1. Deploy an antivirus program and firewall into your network if not already done. This helps in restricting the bandwidth usage to authenticated users only.
2. Server configuration can help diminish the probability of being attacked. If you’re a network administrator at some firm, take a look at your network configurations and harden the firewall policies to block out unauthenticated users from addressing the server’s resources.
3. Some third-party services offer guidance and protection against DoS attacks. These can be expensive but effective as well. If you have the capital to deploy such services in your network, better get going.

DoS attacks are generally targeted to high-profile organizations such as banking and financial sector companies, trade and commercial stubs, etc. One should be fully aware and keep looking over one’s shoulder to prevent any potential attacks. Although these attacks do not directly relate to the theft of confidential information, it can cost the victims a hefty sum of time and money to get rid of the problem.

Useful links:

• Preventing Denial of Service Attacks – MSDN
• Best Practices for Preventing DoS/Denial of Service Attacks – MSDN
• Understanding Denial-of-Service Attacks – US-Cert.gov
• Defending Office 365 Against Denial of Service Attacks – Read more at Microsoft
• Image source Wikipedia.

Related posts

• DDoS Qaybsan Diidmada Adeegga Weerarada: Ilaalinta, Ka Hortagga

• Adeegga Shabakadda SmartByte wuxuu sababaa xawaaraha Internetka oo gaabis ah Windows 11/10

• Waa maxay Diidmada Madaxfurashada (RDoS)? Ka-hortagga iyo taxaddarrada

• Dami Internet Explorer 11 sidii biraawsar u taagan oo kali ah addoo isticmaalaya Siyaasadda Kooxda

• Sida loo hubiyo in ciwaanka IP-gaagu uu soo daadanayo

• Waa maxay Turjumaan Ciwaanka Shabakadda (NAT)? Maxay qabtaa? Ma u baahanahay?

• Internetka oo dhan ma dumi karaa? Isticmaalka xad dhaafka ah ma dumin karaa internetka?

• Hagaaji Ciladda Asalka ee soo dejinta bogga shabakadda

• Sida loo sameeyo isku xirka internetka Windows 11/10

• Domain Fronting oo ay weheliso Khatarta iyo

• Talooyin, Qalab & Adeegyo Maareynta Sumcada ee khadka tooska ah

• Dib u eegis Yandex DNS: Degdeg badan, Internet ka ammaansan oo leh kontaroolo

• Sida guriga loogu isticmaalo isku xirka internetka la wadaago

• Edge iyo Store apps aan ku xidhnayn internetka - Khaladka 80072EFD

• Internetku ma shaqaynayo ka dib markii la cusbooneysiiyay Windows 11/10

• Sida loo joojiyo xayaysiisyada Google-ka inay igala socdaan internetka

• Waa maxay Domains Parked iyo Doomaha Qulqulka?

• Ku samee Xarunta Raadiyaha Internetka oo bilaash ah Windows PC

• Sida loo ogaado ama loo hubiyo halka isku xidhka ama URL loo jiheeyo

• Software-ka ugu Wacan ee Badbaadada Internetka ee Bilaashka ah ee Windows 11/10 PC