A Quick Lesson on DDoS Attacks, a la Gary

• April 21st, 2010
• 

Gary is one of our admin geniuses at SimpleHelix.  He’s also earned his own internal Wiki page here because he is SUCH a wordsmith.

When we suffered a DDOS attack earlier this morning, we had more than a few customers calling up with various solutions to avoid this in the future.  Of course, we all batted them about, trying to decide if any of them were feasible; that’s the unfortunate nature of a DDoS attack.. they’re almost certainly unpreventable.  It’s repeatedly taken down giants like CNN, Yahoo, and other incredibly robust systems.

When I asked Gary to explain a DDoS attack, he gave me the BEST analogy I’ve ever read.  1) because it features fast food and 2) because it features ZOMBIES.

A DDOS SYN attack in laymen’s terms:

Imagine if you will, a stadium full of zombies 70, maybe 80 thousand people.  And in the center, one man with a bullhorn.

He screams into the bullhorn “Let’s all go to Burger King, stand in line, and when you get to the counter, just stand there. When they kick you out of line, go back to the end of the line and do it again”.

Now 70,000 zombies are all standing in line at Burger King and of course, the management FREAKS OUT, traffic around Burger King is stopped, news crews show up.. it’s chaos.

The manager, of course, is not amused and bans the zombies as fast as they get to the register.

Eventually he’s banned all 70,000 zombies, so now there are 70,000 people standing AROUND Burger King’s parking lot, just staring at the workers through the windows.  Traffic is still stopped, no one can get through the drive thru, maybe 1 car every 10 minutes at most.

Someone asks, “Why don’t we install an anti-ddos router?”  Sure we could do this; think of it as a chain link fence, around our little imaginary Burger King.  What good is that when you have 70,000 people OUTSIDE the fence just standing there?

This is the syn attack in a very long winded nutshell.

Thank you, Gary, for your topical and socially-relevant insight.