
Sunday, December 28, 2008

Router - Tracing Your Packets

Few people will really care about the path that your packet takes when sending a message, but if you're one of those high tech egg heads then this article may be of great interest to you. It can become very addictive so proceed with caution.

If you're using a Microsoft Windows based operating system, then it's very easy to trace the route that your message has taken. Not only that, you can see exactly how many routers it took to get your message from point A to point B. You can do this by using a program that is on your computer called Traceroute. That is exactly what the program does: it traces the route a message takes to get to its final destination.

To run the program you have to go to a DOS prompt. After doing this, go to the C:\windows directory and type tracert followed by the URL of the Internet site you're connected to at the time. It will give you a rather technical spec sheet of every IP address it stopped at along the way until it got to its final destination.

The first number on the spec sheet tells you how many routers it went through to get to its final destination. Then each individual router listed on the page is numbered from 1 down to the last one, which is actually the final destination. The next 3 numbers on each line for each router show how long the packet took to get to that router. The next piece of information on each line is the actual name of the router the information went through. Yes, routers have names. This may be important to the users but is totally irrelevant to the router itself. Finally, the last piece of info on each line is the actual IP address of the router itself.

The amount of time it takes information to get from one router to another varies depending on how much traffic there is on that route at the time. Normally, it is no more than a couple of seconds. But occasionally, it can be longer. That is why sometimes you will be trying to access a web site and it seems to take forever. This can be for a number of reasons, but usually it is because along the way one of the routers is not working correctly and has to be bypassed. Sometimes the actual final location itself is down or having problems and the delay is the last router in the chain trying to connect to the network.
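The per-hop lines and timings described above can be read by a short parser. This is an added example, not part of the original article; the sample output is constructed (made-up names, documentation-range addresses), and `parse_tracert` and `slowest_hop` are hypothetical helper names.

```python
import re

# Constructed sample in the layout Windows tracert prints; names and addresses are made up.
SAMPLE = """\
Tracing route to www.example.test [198.51.100.7]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2     9 ms     8 ms    11 ms  gw1.isp.example [203.0.113.1]
  3     *        *        *     Request timed out.
  4    24 ms     *       26 ms  www.example.test [198.51.100.7]

Trace complete.
"""

# hop number, three probe results, then "name [ip]", a bare ip, or a timeout message
HOP = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+ ms|\*)\s+){3})(.*)$")
HOST = re.compile(r"^(\S+) \[([^\]]+)\]$")

def parse_tracert(text):
    """Return one dict per hop line; header and footer lines are ignored."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if not m:
            continue
        # A probe is a time in ms, "<1 ms" (recorded as 1), or "*" for no reply.
        rtts = [None if t == "*" else int(t.lstrip("<"))
                for t in re.findall(r"<?\d+(?= ms)|\*", m.group(2))]
        rest = m.group(3).strip()
        named = HOST.match(rest)
        if named:
            name, ip = named.groups()
        elif all(r is None for r in rtts):
            name, ip = None, None          # silent hop: no address to report
        else:
            name, ip = None, rest          # router answered but has no reverse name
        hops.append({"hop": int(m.group(1)), "rtt_ms": rtts, "name": name, "ip": ip})
    return hops

def slowest_hop(hops):
    """Hop whose fastest reply is the largest; hops that never answered are skipped."""
    answered = [h for h in hops if any(r is not None for r in h["rtt_ms"])]
    return max(answered, key=lambda h: min(r for r in h["rtt_ms"] if r is not None))
```

A hop that shows only asterisks did not reply to the probes; later hops can still answer, so it does not by itself mean the path is broken.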

Traceroute is not limited to just checking the number of routers between you and an Internet site. You can use it to check the number of routers between you and any other computer on a network. As long as you know the IP address of the other computer you can trace the route of the packets between you and the other computer.

In our next instalment we're going to look at how routers handle denial of service attacks and other problems.

Router - Denial Of Service Attacks

Routers are not perfect. For that matter, nothing is. So if somebody wants to give a router more than it can handle there is a way to do this. We're going to take a look at what are called denial of service attacks.

A router can only handle so much information coming into it at one time. Every machine has its limits and routers are no exception. Well, when the nasty trend of denial of service attacks started early this century, routers were unprepared for them. As they began to understand what was happening they began to compensate for the problem. But there was still a way around it. To understand this we first have to understand what a denial of service attack is.

A denial of service attack is just as it sounds. It is when someone prevents the router or routers from servicing the network. The question is, how do they do this? As previously stated, a router can only handle so much information coming into it to be routed at a time. If too much information starts coming in then the router gets overloaded and can't forward the information fast enough. Ultimately, this slows the network down to the point where nobody can access it. In a denial of service attack, which is a deliberate attempt to cause this problem, a person will send an enormous amount of information from one computer to the router at one time. Eventually this will effectively shut down the network. The reason is the trickle-down effect. Once the main routers start to get overloaded they start to send messages to the rest of the network that the connection is full. These messages start to cascade through the entire network until all the pathways in the network are full and nobody can communicate with any server on the network.

When companies and web sites began to understand what was happening, they started to put safeguards in place. They would put checks in the router software to see if a large amount of information was coming from one IP address. If so, the router simply discarded the information and didn't attempt to pass it on. It seemed that the problem was solved. Not so.

Hackers began to figure out that if they sent this enormous amount of information from multiple computers or IP addresses, the routers would have no way of knowing that a denial of service attack was in progress, because they would see all this information coming in from multiple locations. Ultimately again, the network would effectively be shut down.

In response to this, manufacturers of routers have placed additional safeguards into their routers to simply check for unusual traffic. The problem with this is that in some cases there is a large amount of traffic that is normal, like in the case of a news site being hit with an overload because a major breaking story hits the airwaves.
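The two safeguards described above, run side by side over constructed traffic windows, show where each one falls short. This is an added example, not code from the article or from any router vendor; the thresholds, function names and sample windows are all assumptions chosen for illustration.

```python
from collections import Counter

PER_SOURCE_LIMIT = 1000   # assumed: packets per window tolerated from one address
AGGREGATE_LIMIT = 5000    # assumed: total packets per window treated as unusual

def per_source_check(window):
    """Return the source addresses whose packet count exceeds the per-source limit."""
    counts = Counter()
    for src, packets in window:
        counts[src] += packets
    return sorted(s for s, n in counts.items() if n > PER_SOURCE_LIMIT)

def aggregate_check(window):
    """Return True when the whole window exceeds the aggregate limit."""
    return sum(packets for _, packets in window) > AGGREGATE_LIMIT

def evaluate(window):
    return {"blocked_sources": per_source_check(window),
            "unusual": aggregate_check(window)}

# Constructed windows of (source address, packet count), documentation address ranges.
normal = [(f"192.0.2.{i}", 40) for i in range(1, 21)]                     # 800 packets
single_flood = normal + [("203.0.113.9", 9000)]                          # one loud source
distributed = normal + [(f"198.51.100.{i}", 45) for i in range(1, 201)]  # 200 quiet sources
breaking_news = [(f"203.0.113.{i}", 30) for i in range(1, 241)]          # 240 real readers

if __name__ == "__main__":
    for name, window in [("normal", normal), ("single_flood", single_flood),
                         ("distributed", distributed), ("breaking_news", breaking_news)]:
        print(name, evaluate(window))
```

The per-source check names the single loud address but returns nothing for the distributed window, and the aggregate check gives the same answer for the distributed window and the breaking-news window, which is the false-positive problem the paragraph above describes.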

It remains to be seen if the hackers or the router manufacturers are going to win this war.