Source of denial

Following the recent spates of denial of service attacks by hackers supporting Wikileaks, Tony Hirst offers some insight into what's involved

By: Dr Tony Hirst (Communication and Systems Department)

Share on Google Plus Share on LinkedIn Share on Reddit View article Comments

When a browser makes a request to a web server, it looks up the IP address for the server from one or more DNS providers, and then uses the physical address returned to make a connection to the actual webserver that publishes the content (see this article for more information). Webservers (and domain name servers) are like bar staff: they can only serve so many customers at once. In a distributed denial of service attack, multiple (ie, distributed) computers all try to request the same page at the same time. The server gets flustered, and handles as many requests as it can, but there are going to be some requests that can't be handled. Access is denied to those requests, and the website appears to the use to be down.

DDOS attacks are certainly inconvenient, but they're not really cyber war. LOIC (Low Orbit Ion Cannon), the tool used by the Anonymous collective that has been carrying out the DOS attacks to protest against the Wikileaks backlash, is a simple application typically used for testing web servers' capacity to handle a particular volume of requests. A feature of LOIC means that it can be controlled remotely using a protocol known as IRC (Internet Relay Chat), a forerunner to instant messaging favoured by system administrators. By stirring up emotions on Twitter and Facebook, the Anonymous collective encouraged others to download LOIC and turn control over to Anonymous, so they could mount attacks on websites deemed to be antagonistic to Wikileaks such as PayPal, Mastercard and Visa, all of whom had stopped supporting user donations to Wikileaks.

But beware: whilst participating in DDOS attack may feel the same a taking part in a sit-in, or standing on a picket line or barricade to prevent access to a physical location, in the UK at least the Police and Justice Act 2006 makes it illegal. And on purely sensible terms, voluntarily turning control of your computer to a self-declared hacker network is tantamount to madness!