Friday, October 21, 2016

What is DNS, and why can it make the Internet stop working? – Gizmodo in Spanish

During the day, half of the Internet in the US went down because hackers conducted a distributed denial-of-service (DDoS) attack against the servers of Dyn, a DNS host. It is still not known who carried it out or why, but the incident served as a demonstration of how easy it is to knock down the Internet.

Dyn made the following statements regarding the attacks:

Starting at 11:10 (UTC) on Friday, October 21, 2016, we began to monitor and mitigate a series of DDoS attacks against the DNS infrastructure of Dyn. Some clients may experience an increase in the latency of DNS requests and connection failures during this time. We will be notifying you about it as we get more information.

It is somewhat spooky to know that websites like Twitter, Spotify, Reddit, Etsy, Wired and PayPal can be flattened in an instant. The exact process used by the hackers is still unknown (beyond the fact that they were DDoS attacks), but it is important that all Internet users understand how it happened, because it has to do with the way in which the Internet works.

This is how some of the most popular websites in the world can be flattened in a heartbeat.


What is this technology?

The Domain Name System (DNS) is like a phone book for the Internet and facilitates the requests that are made to specific web pages. Basically, DNS ensures that you arrive at the correct site each time you type the address of a website into your browser. Hackers tend to attack DNS providers in order to take down the websites that their servers manage. Today that happened to Twitter, Reddit, PayPal and many more.

This is the most basic definition of DNS, but if you want to understand how it works you should know the complete order of operations involved. An ordinary Internet user sits in front of a computer that is one of many, many connected by a network of underground cables. The individual nodes of the network communicate with each other using numbers known as "IP addresses". DNS translates the addresses requested by users into IP addresses.

When you enter a URL (such as www.Gizmodo.com), your browser tries to find where that website is by querying a series of servers. It is a process with many more details, and I'm not going to bore you by explaining the whole chain of events in detail. In general, the system is designed to take you from your browser's address bar to a web page almost instantly. Every time you surf the web and open dozens of tabs in the browser, your computer is querying servers located around the world to provide you with the correct information. And it works. Although not today.


How can it stop working?

A DDoS attack is a very common type of attack in which a lot of computers are used to overload a system with a flurry of server requests. In a DDoS attack, hackers often use a series of infected computers to create a huge flow of traffic generated from different sources, ranging from thousands to hundreds of thousands. This in turn makes it much more difficult to tell a real user's request from an attacker's.

In today's attack the hackers were able to take down the servers of Dyn, but this time it was a DNS host so popular that it is responsible for managing sites like Basecamp, CNN, Etsy, Github, Grubhub, HBO Now, Imgur, PayPal, PlayStation Network, Reddit, Squarespace and Twitter.

When the servers of Dyn were down, browsers basically did not know where to go when they were asked to access one of these websites or services. Attacks of this kind happen every so often, when hackers build a small army of private computers that have been infected with malicious software (a botnet). The people whose computers take part in the attack are not even aware that their machines have been infected and are part of this army. In 2014 a group of hackers known as "Lizard Squad" managed to knock down the PlayStation Network and Xbox Live platforms using this method. In 2015 a Trojan horse called XOR DDoS helped a group of hackers create a really powerful botnet, able to knock down almost any server or web page.

Defending a server from DDoS attacks can be quite difficult, but there are ways to prevent outages like today's. According to Network World, one of the methods involves analyzing traffic flows in order to identify junk traffic and filter it.


How do we protect ourselves from this?

How can we prevent these attacks, which leave millions of people without access to the Internet and cause many companies to lose millions of dollars in revenue?

It is somewhat complicated to do.

As soon as a security firm comes up with a way to protect companies like Dyn, hackers come up with new forms of attack. In the case of DNS infrastructure, there are those who believe that the best way for a website to avoid being knocked down by an attack of this type is to work with multiple DNS servers and hosts. It is an effective measure and is probably the reason why some websites (such as Pornhub) survived the attack.
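One way to check for the single-DNS-host dependency described above, as an added example that is not part of the original article: the script reads NS records and flags zones whose nameservers all belong to one provider. The zone names, provider names and records are constructed placeholders, and treating the last two labels of a nameserver host name as its provider is a simplifying assumption.

```python
from collections import defaultdict

# Constructed NS records in zone-file style; every name here is a placeholder.
SAMPLE_NS_RECORDS = """
shop.example.   86400 IN NS ns1.provider-a.example.
shop.example.   86400 IN NS ns2.provider-a.example.
shop.example.   86400 IN NS ns3.provider-a.example.
news.example.   86400 IN NS ns1.provider-a.example.
news.example.   86400 IN NS ns2.provider-a.example.
news.example.   86400 IN NS dns1.provider-b.example.
news.example.   86400 IN NS dns2.provider-b.example.
"""

def provider_of(nameserver):
    """Approximate the operator as the last two labels of the NS host name.

    Assumption: good enough for these samples; a real audit should use the
    Public Suffix List to find the registrable domain.
    """
    labels = nameserver.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])

def parse_ns_records(text):
    """Return {zone: set of nameserver hosts} from 'name ttl IN NS target' lines."""
    zones = defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[2].upper() == "IN" and fields[3].upper() == "NS":
            zone = fields[0].rstrip(".").lower()
            zones[zone].add(fields[4].rstrip(".").lower())
    return dict(zones)

def audit(text):
    """Return {zone: sorted list of distinct DNS providers serving it}."""
    return {zone: sorted({provider_of(ns) for ns in hosts})
            for zone, hosts in parse_ns_records(text).items()}

def single_provider_zones(text):
    """Zones that go dark if their one DNS provider is knocked offline."""
    return sorted(zone for zone, provs in audit(text).items() if len(provs) == 1)

if __name__ == "__main__":
    for zone, provs in audit(SAMPLE_NS_RECORDS).items():
        status = "SINGLE PROVIDER" if len(provs) == 1 else "diversified"
        print(f"{zone}: {status} -> {', '.join(provs)}")
```

Three nameservers at one provider, as in the first sample zone, still count as a single point of failure, which is the situation the paragraph above says multiple DNS hosts avoid.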

In the case of Dyn's servers, the company says that it has already solved the problem, although it has not specified how.

