Bitcoin Forum
April 20, 2024, 02:51:14 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Project Development > Seeking advice - DDOS attacks on exchanges, what gets hit by the attackers?
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Seeking advice - DDOS attacks on exchanges, what gets hit by the attackers?  (Read 742 times)
monsterer (OP)
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000


View Profile
July 24, 2013, 08:13:18 AM
 #1
Hi guys,

I'm love to hear from an actual exchange owner - what subsystems come under attack during a DDOS?

* Is there a typical DDOS attack, or is each one different?
* Do they attack low level stuff like name servers, routers, or other hosting centre equipment?
* Do the attacks actually make it through to the application side?

From the POV of a developer, what would be your first recommendation in order to be prepared for a DDOS?

Cheers, Paul.
1713581474
Hero Member
*
Offline Offline

Posts: 1713581474

View Profile Personal Message (Offline)

Ignore
1713581474
1713581474
Reply with quote  #2
1713581474
Report to moderator
Bitcoin mining is now a specialized and very risky industry, just like gold mining. Amateur miners are unlikely to make much money, and may even lose money. Bitcoin is much more than just mining, though!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1713581474
Hero Member
*
Offline Offline

Posts: 1713581474

View Profile Personal Message (Offline)

Ignore
1713581474
1713581474
Reply with quote  #2
1713581474
Report to moderator
tradecoinz
Newbie
*
Offline Offline

Activity: 25
Merit: 0


View Profile WWW
July 24, 2013, 08:36:03 AM
Last edit: July 24, 2013, 08:57:58 AM by tradecoinz
 #2
Hello,

It really depends on the services you are providing. If you have an API, you would want to protect that service from attack. Following the TCP/IP model, the application layer can become a large target (Zero-Day attacks, attacks on certain ports for services such as Apache). Keep in mind that DOS and DDOS attacks are 2 separate things. If the DDOS attack is large, you will see an impact in performance. One example involved Spamhaus that received a 300 Gigabit DDOS attack. Even with mitigation services, network routers were having trouble handling that much traffic. I suggest finding a good mitigation service to shield you from these attacks.

Some Mitigation Service Providers:
 . https://cloudflare.com/
 . http://www.prolexic.com/services-dos-and-ddos-mitigation.html
 . http://www.incapsula.com/ddos/ddos-mitigation-services

Even hosting providers are implementing these services. I would personally look into Cloudflare.

Best,
Cameron Halter
https://ibtcard.com
monsterer (OP)
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000


View Profile
July 24, 2013, 05:54:22 PM
 #3
Thanks for the advice, I appreciate it!

Are there any attacks which seem to be common amongst exchanges themselves?
tradecoinz
Newbie
*
Offline Offline

Activity: 25
Merit: 0


View Profile WWW
July 24, 2013, 06:10:58 PM
 #4
Quote from: monsterer on July 24, 2013, 05:54:22 PM
Thanks for the advice, I appreciate it!

Are there any attacks which seem to be common amongst exchanges themselves?

Most attacks now are Layer 7 DDOS attacks. They attack ports 80 and 443 to prevent access from authorized users. Mt.Gox used prolexic to mitigate the attack. There are different ways an attacker can DDOS a server...the best defense is to mitigate the attack. However, if the attacker is really nasty; they will attack the ISP the mitigation service buys bandwidth from. However,  this is worst case scenario and it would require more than 300 Gigabits worth of traffic.

Take a look at this:
http://blog.rivalhost.com/12-types-of-ddos-attacks-used-by-hackers/

And This:
https://mtgox.com/pdf/20130424_ddos_statement_and_faq.pdf

Best,
Cameron Halter
https://ibtcard.com/  
monsterer (OP)
Legendary
*
Offline Offline

Activity: 1008
Merit: 1000


View Profile
July 25, 2013, 07:01:20 AM
 #5
Very helpful, thanks Cameron Smiley
tradecoinz
Newbie
*
Offline Offline

Activity: 25
Merit: 0


View Profile WWW
July 25, 2013, 07:16:15 AM
 #6
Quote from: monsterer on July 25, 2013, 07:01:20 AM
Very helpful, thanks Cameron Smiley

No problem, feel free to PM me if you have any other questions.

Cheers,
Cameron Halter
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Project Development > Seeking advice - DDOS attacks on exchanges, what gets hit by the attackers?
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!