Hey there,
Okay, not that I want to help you with your homework, and I (we all, I gather) assume you and Miss Google have been close lately... here are some thoughts:
Quote:
I would like to know how to identify DDoS attacks?
|
Look into the network activity, try to open iftop, identify what is coming in, what's looking to access the outside. What's the server you run? A mini platform with, say, some 100 users? Then, what's the historical load per timeslice, say load per hour, or hits per hour. What is being asked? Pages that don't exist? That's a clue...
Look into the amount of IP addresses as well, if some address keeps banging the door asking for some stuff that's not there, either it's a doofball with wrong or severely outdated bookmarks, some very outdated page points to stuff you don't host (anymore) or... that's an attacker...
Quote:
What is the best way to minimize the damage these attacks can cause?
|
Update the system and keep it updated. Once out there, there's no way in hell you're gonna be able to prevent this. Unless you're hosting something nobody gives a wank about... then, getting no hits at all should be your worry instead...
Quote:
Is there any way to trace it back to the attacker?
|
Depends on the attacker: is it a moron that uses his home connection or a (semi) pro that uses a wireless conn some (other moron) user left unguarded, or a college campus Wi-Fi conn. If (s)he is somewhat blessed with brains of sorts, there will be these hops, and anonymisers along the way, so, yea', this could be a challenge, but hey, you're a student, clever enough to figure out a clever way to bypass that???
By the way, some of the time, it's students that try out some stuff they learned, so, meet the crowd.
Thor
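
The checks described in the reply above (hits per hour against the historical load, and addresses that keep asking for pages that don't exist) can be run over a web server access log. This is an added example, not part of the original post; the Common Log Format input, the thresholds (`factor`, `min_404`), the baseline figure and the sample log lines are all assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Common Log Format: ip - - [time] "METHOD path PROTO" status size
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" (\d{3}) ')

def parse(lines):
    """Yield (ip, hour_bucket, path, status) for each well-formed line."""
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip malformed lines rather than crash on them
        ip, ts, path, status = m.groups()
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        yield ip, when.strftime("%Y-%m-%d %H:00"), path, int(status)

def analyse(lines, baseline_per_hour, factor=3, min_404=5):
    """Return (hours over factor*baseline, IPs with >= min_404 not-found hits)."""
    hits, missing = Counter(), Counter()
    for ip, hour, _path, status in parse(lines):
        hits[hour] += 1
        if status == 404:
            missing[ip] += 1
    busy = {h: n for h, n in hits.items() if n > factor * baseline_per_hour}
    noisy = {ip: n for ip, n in missing.items() if n >= min_404}
    return busy, noisy

def sample_log():
    """Constructed sample: a quiet hour, then one address hammering missing pages."""
    fmt = '{ip} - - [10/Oct/2023:{h:02d}:{m:02d}:00 +0000] "GET {p} HTTP/1.1" {s} 512'
    quiet = [fmt.format(ip=f"192.0.2.{i}", h=13, m=i, p="/index.html", s=200)
             for i in range(1, 5)]
    burst = [fmt.format(ip="203.0.113.9", h=14, m=i, p=f"/old/page{i}.php", s=404)
             for i in range(20)]
    normal = [fmt.format(ip="198.51.100.7", h=14, m=30, p="/index.html", s=200)]
    return quiet + burst + normal + ["not a log line"]

if __name__ == "__main__":
    busy, noisy = analyse(sample_log(), baseline_per_hour=5)
    print("hours above baseline:", busy)
    print("addresses requesting missing pages:", noisy)
```

The baseline should come from the server's own history for the same hour and weekday; a single fixed number, as used here, will misfire on any site with a daily traffic cycle.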