DoS – Scriptingthewhy.com

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

people dancing a nightclub. — Which one of you spiked my drink!? I can taste my heartrate!
Photo by Mauricio Mascaro, please support by following @pexel.com

This might send you back to those feel-good party nights so prepare to reminisce and say…” No, I don’t recall that happening.” Have you ever been to a nightclub, found someone to party with, and decided that you would like to spend most of your time with them?

You both are having a really good time, the music is pumping, the people around you are jamming, and something to you smells funny but that’s okay because the pills you took five minutes ago bestowed upon you the ability to see and taste sound.

You have to take a quick break and hit the restroom, only to come back and find your chosen dance partner is oddly being blocked by a crowd of people and no matter how much you try, you just can’t seem to get within reach of them. Have you never had this happen?

Okay, so apparently Z-Daddy is the only one who has had weird times in nightclubs huh? While you are lucky enough to say you haven’t experienced this event, this often happens with computers and companies you favor. What is this go-go nonsense I’m yammering on about? This will all make sense in a moment.

large group of people walking on road. — She’s leaving with you, but she was programming with me bro. Oh wait, that’s not right.
Photo by Vlad Alexandru Popa, please support by following @pexel.com

Clubbing in Denial

What is this weird phenomenon taking place in this nightclub which often happens to a computer or network? To put it in simple terms, you’re symbolically being hit with a “denial-of-service” or DoS.

This is a form of cyber-attack where the attacker seeks to make either your machine or a network resource unavailable for intended users. Distributed Denial of Service or DDoS occurs when a mass of machines operates together to focus an attack on one target to disrupt the normal traffic of the targeted IP address.

Picture if you can, five lanes of traffic trying to fit down a one-way street. This leads to the target’s device being overwhelmed and denying legitimate users access to the desired website. In fact, one of the largest attacks on record was at GitHub, a popular online code management platform that is used by a lot of developers. They were hit with a large volume of traffic that led to the disruption of their site. Click here to find out more details. What are some other things that can suffer from an attack like this I can hear you ask.

Aside from personal computers, cell phones, public cloud services, and IoT (Internet of Things) devices that aren’t tightly secured are not off the menu, they can all suffer a DDoS attack. Depending on how bad the attack is can play into how long it takes for your site to become available.

In some cases, could be as little as 24hrs and in others can be from days to a week given how quick the response time is. Variety is the spice of life and by choosing which device to overload, you can find plenty of it.

young woman sat at computer screen in shock. — I can’t get to access my Grub Hub account…that means I have to cook tonight.
Photo by Andrea Piacquadio, please support by following @pexel.com

Dirty, Dirty, Dirty Tactics

Who and why would someone turn to use such a tactic? Trying to hinder or take out the rival competition is one reason. If customers can’t get to your competitors’ sites but find access to yours. Then it makes the choice that much easier for them to buy from you.

This is pretty much a “Two birds with one stone” situation because not only are you carrying out a hit on your competition, but you are also passively strong-arming your potential customers into buying from you.

That’s operating like a boss. Another reason someone might perform a DDoS is Hacktivism, meaning they don’t agree with something political and promote an agenda of their own by hacking. In the days before the pop-ups of “How-to”, you had to be skilled to perform such an attack but now, like with malware, you can simply go to the dark side and pick something up extra saucy if you have enough coin.

Again, your presence on the dark web is not illegal but the activity you choose to engage in begs the question. Remember to always stay legal kids.

young gentleman rushing to woman in red over coat. — Bob: Karen, I thought you were leaving him for me.
Tim: she’s with me buddy. Your access just got denied.
Photo by Two Shores, please support by following @pexel.com

Last Minute Halts

So why is knowing about a DDoS important? DDoS can and have affected many if not all industries. This ranges from being able to place bets on gambling sites to trying to clear out your cart on an e-commerce site.

Everyone with a storefront on the internet has at one point or another suffered the simulated feeling of being an employee having to work retail on Black Friday. DDoS attacks have been around for quite some time, the earliest attack was back in the late 90s and they have been evolving ever since.

man in red polo looking shocked. — We’ve all made this face at one point or another while on the toliet.
Photo by Andrea Piacquadio, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like I may have missed something about DDoS? Script a comment below.

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Cloudy with a chance of emptied accounts.
Photo by Nicolas Jaramillo, please support by following @pexel.com

In the great big world of IT (Information Technology) things in cybersecurity have always been but, even more now, getting more interesting with every new technology or model that pops up.

If you haven’t been living under a rock no less an underground bunker, chances are you have heard about the cloud and all the wonders it has to offer to make your life and even your business flow a little easier however, in the landscape having access to a monolith of services and your choice of pay models looms something in the midst.

Whatever pay model you choose, you may be offering the same choice for an unwanted guest. Don’t know what I mean, let me script it for you.

I could be reading script right now, but I have to fix this stupid car.
Photo by Malte Luk, please support by following @pexel.com

Cloud from Underground

For those who finally came out from underneath that rock or finally believe the air is breathable and things in America and around the world are getting better, I welcome you. Let me give you this quick overview of the cloud and all its glory, all hail Hydra- I mean the mighty cloud.

The cloud or better known as cloud computing is a massive network of distributed services. There are services for housing and examining big data, environments for building applications, and creating automation to execute certain tasks are some of the things you can do in a cloud.

The list of what you can do goes to no end and it’s still expanding. As far as providers go you have the big three and yes this will be biased so be prepared to not agree which you’re welcome to do. They are AWS (Amazon Web Services), Google Cloud, and Azure from Microsoft. What about IBM’s cloud, you ask? Simple, IBM and I don’t talk, AWS all the way baby.

Back on the point, the cloud offers serverless computing, this is the execution model where the CSP puts together machine resources on demand and is done on behalf of the customer.

So, in short, the term serverless doesn’t actually mean there aren’t any servers, serverless means that all of the backend infrastructure is handled by the vendor. For all of you who came out of a bunker, you can go back in now, things haven’t gotten any better.

Enjoying so far?

Check out this other script on cloud. Click here.

It’s just a DDoS, there’s nothing to worry about. It’s not like I need to keep my job or anything like that.
Photo by SHVETS production, please support by following @pexel.com

Denial of a Panic

So, why is this important? How does this information benefit you? Again, you’re offered a pay-as-you-use model for a lot of services. This means attackers have more options when it comes to performing an attack.

DoS (Denial of Service) or DDoS (Distributed Denial of Service) are events where someone is trying to access a website but can’t because the website’s servers are being overwhelmed by traffic from zombies (slave bots).

This is a somewhat normal event and SOC (Security operation center) teams are prepared, for the most part, to deal with them. However, with the addition of the cloud, things have become more complex.

The name of the new challenger is called DoW (Denial of Wallet). And before you ask, yes, I’ll tell you what’s in your wallet when this attack is done.

I don’t think this is what Z-Daddy meant by denial of wallet, it’s more like denial of money.
Photo by Andrea Piacquadio, please support by following @pexel.com

Wallets Racking Up Prices

As mentioned before a DoS/DDoS is not having access to a resource like a website because the server is being overwhelmed by traffic. DoW works similarly but the difference is you run out of money to request resources and services in the cloud.

An attacker can gain access to your account in a variety of flavors and once in, they can begin to rack up charges in your name or your business’s name. This is because to use or to have access to a cloud a credit card must be on file to charge.

Once the card on file reaches its limit and money can no longer be drawn for services, resources are stopped until the bill is paid. Here’s some small math for you, let’s say you were using a server and it cost $0.10 per minute to run that server but you have it scheduled to run between business hours, five days a week. $240.00 USD in a week isn’t a problem because you may have that amount on hand.

However, your account gets hacked and changes the server schedule to run every hour including the weekends changing that $240.00 to $1,008.00 USD in the first week. But not only that, other resources were added and set to run every hour including the weekends. Money runs out quickly in the cloud when you’re hacked and not paying attention. Just when you thought the sky was the limit.

Kim: Girl, you never use the root account. Ain’t you read Scriptingthewhy?
Sarah: What’s that?
Kim: Girl, here. go to the site and you’ll be hip to the games.
Photo by Andrea Piacquadio, please support by following @pexel.com

Accounting for the Root

At this junction, you’re probably sitting at your computer wondering how you can prevent from seeing another bill you either can’t or simply don’t want to pay sneaking its way into your email. Well, I have some good news, following best practices when setting up your or someone else’s cloud.

Always employ the use of setting up a general account, and do not for the love of Sam Smith’s Unholy, do not use the root account because if that account gets hacked, you can kiss your cloud goodbye.

For those who might not know why not to use the root account, it’s like using the admin account on your computer, if someone gains access to it, they can do whatever they want since it’s the highest level of privilege. And if you set up someone’s cloud and the only account is the root, well needless to say unemployment is in your future, that’s cloud 101 and you should know better.

Shaming aside, using multifactor authentication adds another layer of security for accounts and the most important action to take is setting up a budget with multiple avenues, like emails and text messages to reach you as this will alert you when you are approaching your undesired limit for your budget.

And checking in periodically with billing and usage along with checking logs could see you better off as this helps to keep you alert as well. It’s great to have your head in the cloud but fending off unwanted bills can help keep you grounded and employed.

Scriptingthewhy has helped me keep money in my wallet. Z-Daddy, you strike again.
Photo by Lukas, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Did you have a time where you may have encountered a DoS situation? Script about it below.