Distributed denial of service attacks take more than one person to knowingly or unknowingly have success in slowing or crashing a website. The victim’s IP address must also be known for the online perpetrators to cause an Internet site or service to work inefficiently, haphazardly, temporarily, or even, indefinitely. One’s Internet protocol address is openly visible, hidden and easy to find, or so disguised that not even necessary web traffic can take place. Monty Python’s How Not to be Seen just might offer a lesson for people and organizations that need to protect themselves from becoming a zombie leech and part of a botnet in the ecosystem of a distributed denial of service attack.
In Monty Python’s How Not to be Seen, the antagonist does not know where the nine different potential victims are, but for one reason or another those potential victims become seen and are easily targeted and shot. Even if the target is not seen at first, but the perpetrators know where the target is, the target quickly becomes a casualty. In some cases, the attackers knows or can easily guess where the targets are using social engineering to discover the potential victims’ location.
“In this film we hope to show how not to be seen. This is Mr. E.R. Bradshaw of Napier Court, Black Lion Road London SE5. He can not be seen. Now, I am going to ask him to stand up. Mr. Bradshaw, will you stand up please?”
In the distance, Mr. Bradshaw actually stands up. At first, the attacker does not know where his victim is, but when his victim stands up, the attacker shoots Mr Bradshaw in the stomach, and he falls and became dysfunctional much like websites that experience distributed denials of service. There is a value to not be seen by one’s potential Internet site destroyers, but that value can become a business stopper if one’s preferred traffic of users, customers, employees and other very important company entities cannot conduct business without a visible or easily identifiable IP (Internet protocol) address.
In other cases, the attacker in “How Not to Be Seen” uses brute force (like password hacks). He blows up all the bushes anywhere near where he thinks the victim might be, also a visual parallel to a denial of service. There are ways to hide from or prevent or mitigate malicious online threats such as using virtual private networks, virtual private servers, or professional DDoS mitigation services. A virtual private network enables only authenticated remote access and makes use of encryption techniques. A virtual private server may offer DDoS protection support and SSH Tunneling. A secure shell (SSH) tunnel is an encrypted tunnel created through an SSH protocol connection. An SSH protocol connection works to secure data communication, enable remote command-line login, set up remote command execution, and offer other secure network services between networked computers, connected by a secure channel over an insecure network, a server and a client.
Smurf attacks, ping floods and syn floods are three examples of popularly used distributed denial of service attacks. Smurf attacks take advantage of incorrectly configured network devices that allow packets of information transport to any computer hosts on one network via the main broadcast address of the network and not the IP address of a particular machine. Ping floods occur when the victim receives a huge amount of ping packets via the “ping” command in a “start” menu. SYN Floods send floods of TCP/SYN packets usually with a forged sender address, so that it becomes difficult to know where the floods are coming from. Each of these have a parallel to one or more of the catastrophes in Monty Python How Not to be Seen.