Wanting to share information about cybersecurity and to help individuals and businesses … raise their guard against hackers’ attacks, Ngo Minh Hieu (nicknamed Hieupc) has started a blog named 7onez.com.
On the first day of launch, Hieu’s blog was attacked by a series of domestic and foreign hackers. However, with a lot of experience as a “notorious” hacker, Hieu PC solved the problem within “1 note”.
DDoS attacks have become quite common recently. According to Ngo Minh Hieu, this type of attack blocks transaction orders on the system or brings down the connection to the website, causing huge financial damage to the business. Attackers also extort money from businesses by threatening to attack the system continually.
In particular, by recounting the attack on his blog 7onez.com in the form of a diary, Hieu PC has attracted attention and stirred excitement and curiosity among his fans.
The blog’s diary of the attack has received thousands of likes. The readers are not only people working in information technology but also young people and businesses. In the last paragraph of the diary, Hieu recorded: “Through this, I hope that organizations and businesses will pay more attention to defending themselves against targeted DDoS attacks: response scenarios when an attack occurs; training people to have expertise and be prepared to fight them, without compromise and without surrendering to the bad!”
Diary of January 15: A memorable day of the year….
0h00: Only 7 hours left until the 7onez.com blog launch time as per my commitment, but everything is still messy, from layout and content to website security issues. Today is also quite a tiring day when you have to handle so many important tasks, you cannot even have any energy left, go to sleep or make commitments.
However, he then continued to tinker through the night …
4h30: The preparation is almost complete, and all functions are ready for the community. There’s just a lack of security checks. Early risers have begun to appear on the street, going out to exercise. I’ve just started hearing a cock crowing somewhere.
5:00 PM: After attacking my website by myself, I discovered quite a few vulnerabilities and fixed them promptly, not forgetting to pre-configure the Firewall system and the necessary “tools” to respond promptly to a DDoS attack (clogging the network), which I predict is extremely likely to happen.
Turn off the computer and take the chance for a nap.
7:00: Thanks to the alarm clock; without it, all my efforts last night would have been swallowed up by sleep. Today’s weather is quite cold, it reminds me of many memories, and the ending … anyone who reads my status that day must understand clearly ^.^
9:20 am: Everything looks good, the traffic starts to increase, I breathe a sigh of relief, get ready to change, have breakfast and go to work! However, the good story starts from here …
9:30: Access to the “site” is suddenly slow. Linh has “visitors” to visit. I go to the server and run the test immediately. As expected, a huge number of DDoS attacks are pouring onto the website from all over the world. Luckily, this attack was predicted and the Firewall had been configured since last night. However, because the intensity is too great, it is necessary to optimize the firewall a bit to limit the impact on the server.
According to Ngo Minh Hieu, many websites, even those of many newspapers, have been attacked, and many business websites have been extorted for hundreds of millions of dong. Hieu PC’s diary of responding to the hackers continues.
9:35 am: After a few minutes of quickly analyzing the attack characteristics and adjusting the “rules” of the Firewall (firewall settings), the website’s access speed was restored even though the attack was still going on with high intensity. However, I believe this is just the “prelude” of the attacker. They will quickly change their attack pattern until the target is defeated. I had to give up the idea of going to breakfast, staying hungry and continuing to closely monitor the server.
9:40: New DDoS attack methods have been deployed by the attacker. But as expected, the attacker did not change the attack type but increased the intensity and added new attack patterns. Not 1 type, not 2 types, but 3 new attacks at the same time, and the strength also increased many times compared to the “prelude”. The access log on the server now runs like a waterfall! Symptoms such as:
– The server starts to show signs of overload; the attackers have somewhat achieved their desired goal. The server overload makes it difficult for me to analyze the log. After capturing (saving) enough data and conducting analysis, I discovered that one of the new types of attack was not in the plan and got past my firewall system. Admittedly, the attackers are highly qualified and proficient in DDoS attacks. The way they deployed their attack was cruel and showed a very clear purpose: destroy the target!
Based on the analyzed data, I quickly wrote a new rule and applied it to the firewall. After 2 minutes of trying to type the command, the firewall recognized the new attack pattern and effectively blocked it. The server’s load is decreasing gradually, the speed of accessing the website is also stable again.
10:20 am: Tracking the access log, I discovered one more interesting thing about the attacker: they must be a professional and very eager to defeat me. During the attack, the attacker continuously used the website “check-host.net” to check whether the server was “down” or not. If you access the website directly to check whether it is still active, it is likely that the server will record the IP; using an intermediary website avoids this, and “check-host.net” also returns results from many locations around the world to confirm whether the website has really “collapsed” or not. Experienced!
“The attacks continued to bomb the server until 10:30, then ended. At this point, eat breakfast, watch and go to lunch for peace of mind. Summary of the first day of launching the 7onez.com blog: DDoS attacked with half a million (518,000) connections within 60 minutes,” Hieu shared on his blog.
Summing up the last few days of the blog’s operation, Hieu said that he was attacked by a DDoS service with more than ten million (10,049,193) connections. The largest numbers of connections in this attack came mostly from three countries: China with more than 1.5 million, the US with more than 1.4 million and Vietnam with more than 900 thousand.
Also on this personal blog, Hieu PC said that this Lunar New Year he will launch a project using artificial intelligence (AI) to protect Vietnamese people from fraud, impersonation, fake news, and bad and malicious content in cyberspace.