(August 23, 2012 at 8:43 am)Homo Sapiens Wrote: well isnt DDOS more "stronger" because it uses multiple computers,also it is harder to block because UDP's are send from multiple ip adders.Well, it depends on the actual DoS method. If you just want to flood the server with packets (as was the case with us), then a DDoS will be stronger since more machines can generate and send more packets in a certain amount of time. However, if you are using a HTTP resource attack, then (depending on the server processing power and Internet connection) you could knock one offline with only one computer. An SQL based DoS can be performed with one computer, and (more impressively) only one packet. If the attacker can craft a HTTP request so that it injects SQL into a database query, making the database perform some horribly complicated calculation, it can cause the server to run out of memory and in some cases crash.
An example of a simple SQL injection that could do this is cross joining a table with itself multiple times. A cross join takes each row of one table and combines it with each row of the other. If you have a table with 1000 rows, and you cross join it with itself, you get a table of 1,000,000 rows. Repeatedly stringing cross joins together in the same query (or cross joining the result with itself, etc.) will create massive tables that the memory simply cannot hold, meaning processes of the machine lock up.
As for blocking them, if you have good enough software it doesn't matter if the attack is a single computer DoS or a multiple computer DDoS, since it will detect and block the IPs one by one.
