In reply to the discussion: Right wing cyber attacks on Healthcare.gov website confirmed
dreamnightwind (4,775 posts)
I have not been claiming a DDOS attack was responsible for the ACA website problems, I just didn't understand your statements about how it could not be, or how unlikely that is.
I'm a programmer, not a network protocol person at all, so I know something about this stuff, but only at a pretty superficial level.
"If, as you said, it is 'indistinguishable from legitimate page requests' then it IS a legitimate request. If it is an attack, it will be formed differently - some 1s and 0s will be in places they should not be - and that is detectable. If the source is forged, the detection will be that there are too many unanswered tcp handshakes, and the response will be appropriate."
I get that a forged IP would lead to handshakes not completing. I don't get the first part, that the page requests from multiple hacked machines (or a large network of attackers, which seems less likely to me, though possible if it's a RW orchestrated attack) would be formed differently. I agree that it would take a lot of machines to make much of an impact.
I don't have to understand this, probably shouldn't have waded in, but if it wasn't clear to me it probably wasn't clear to a lot of people.