::: WELCOME TO ALL VISITORS ! ::: IF ANY ONE WANT TO PUBLISH THERE ( SOFTWARES /NOTES / ENGINEERING MATERIALS ) THEN FEEL FREE TO COMMENT US ON BLOG OR MAIL US @ DHINCHAKDEVELOPERS@GMAIL.COM WE PUBLISH IT @ OUR BLOG/WEBSITE ON YOUR BEHALF..

Hacked! Attack of the DDoS Protection Services

Attack of the DDoS

Forget about engaging content and brilliant marketing. Neither of those things matter if your website falls victim to a distributed denial-of-service (DDoS) attack.
DDoS attacks sabotage corporate websites to make them unavailable to legitimate visitors. Researchers at Incapsula, a cloud-based website security and performance service, said DDoS attacks are getting stronger, faster, bigger and smarter.
And here's the really scary part: The very DDoS protection service you contracted to guard your website just might be responsible for destroying your site — or someone else's site.
Like a zombie apocalypse that transforms cherubic kindergarten teachers into rapid killers — or an angry 50-foot tall woman — nothing is more frightening than the unexpected. The team at Incapsula discovered that first hand recently when they traced yet another DNS DDoS attack on a B2B business … and found it originated with two DDoS protection services.

Sneak Attack

Marc Gaffan, Incapsula’s co-founder and Chief Business Officer, told CMSWire today that the DNS DDoS attack was enormous, peaking at 25 million packets per second (Mpps). "It stood out to Incapsula’s researchers because many of the DNS queries held non-spoofed IP data, which is typically uncommon," he explained.
"Interestingly enough, in this specific case, the DNS queries held non-spoofed IP data that allowed us to uncover the attacker’s true points of origin. When we did, we were surprised to learn that the malicious requests were originating from servers of two other anti-DDoS service providers – one based in Canada, the other in China. All told, these were hitting our network with 1.5 billion DNS queries a minute, amounting to over 630 billion requests during the course of the seven hour DDoS attack."



If data isn't your first language, just remember this: the attack generated a huge amount of traffic.

We've told you about several potentially serious DDoS attacks recently, including one in which hackers used a novel technique to get thousands of online video viewers to unwittingly bombard a B2B website with junk traffic. Although early bets were on YouTube.com and Xvideos.com, the attack was ultimately traced to Sohu.com, China’s eighth largest website and the 27th most visited website in the world.
Then we explained how hackers can apparently exploit vulnerabilities in Facebook and Google to perform DDoS attacks on target websites.
Now this.
"With multiple reports coming from different directions, and with several large scale attacks on our own infrastructure, we are now convinced that what we are seeing here is an evolving new trend — one that can endanger even the most hardened of network infrastructures," Gaffan said.

What to Do

Remember the old adage about prevention being worse than the cure? That seems to apply here. Gaffan said security vendors played right into the hackers’ hands, by equipping them with high-capacity resources, able to generate billions upon billions of unfilterable DDoS requests — enough to pose a serious threat to even to the most over provisioned servers.
So what do you need to know?
If you're a DDoS service provider that rents out high-powered servers, make sure you have them well protected. In this recent case, hackers used these high-powered servers like big canons to fire at other targets.
"If you have weapons at home, you should keep them locked up in a cabinet so they don't fall into the wrong hands. Same logic applies if you have high-powered servers. Make sure you only rent them to legitimate users and secure them well enough so they are not used for unlawful acts," Gaffan said.
If you have web properties that are important to your business — and, really, isn't that all websites — then have a DDoS mitigation service in place. But select your provider carefully. "Obviously you want to go with a reputable service," Gaffan said. "Some providers rent you hardware and host your site on their infrastructure. Others allow you to host your own site but offer protection and mitigation services. There are different types. Before you hire anyone, be aware of the differences and select your provider with care."

The Threat Landscape 

There are basically two types of DDoS attacks: The first takes place at the application layer (Layer 7) and the second at the network layer (Layer 3 and 4).
At the network layer, attacks bring down a website or SaaS application by overwhelming network and server resources, causing downtime and blocking responses to legitimate traffic. Application-layer attacks target applications, making them especially worrisome for SaaS application providers. These attacks mimic legitimate user traffic to bypass barebone anti-DDoS solutions and crash the web server.
In the past 15 months or so, Incapsula researchers report a rapid increase in network DDoS attack volumes. Almost one in every three attacks today exceed 20 Gigabits per second (Gbps), which was the peak attack volume just a year ago. Some exceed 100 and 200 Gbps.
Blame it on new attack methods (NTP Amplification and Large SYN floods) and also by the development of Internet and specifically cloud infrastructures.
In its annual threat landscape report, issued earlier this year, Incapsula noted "the perpetrators are looking to raise the stakes even higher by introducing new capabilities, many of which are specifically designed to abuse the weaknesses of traditional anti-DDoS solutions."
In this latest attack, Incapsula notified both anti-DDoS vendors, which both acknowledged the facts of the attack and dropped the responsible parties from their services.
Gaffan noted that malicious misuse of security solutions is "anything but new." However, he added, "this is the first time we encountered 'rogue' scrubbing servers used to carry out large-scale DDoS attacks. This fact, combined with the inherit danger of non-amplified DNS floods, is what makes these attacks so devastatingly dangerous."


 VISIT US @ FB
  https://www.facebook.com/DhiNNchAak?ref=hl





















15 Undeniable Truths Every Engineer Can Relate with him

Engineering is probably the most sought-after career in India – and even though you go on to be a great catch in matrimonial ads, becoming an engineer comes with its own burdens. These are 15 sad truths every engineer can relate to.
1. Every engineering hopeful dreams of getting into IIT – but except around 10,000 lucky fellas, the rest have to remain content with the other national or their regional institutes. It is the Mecca for all engineering students, a mirage that breaks their heart time and again.
2. Whether you took up engineering of your own choice or you were bullied into it by your parents, you know that being an engineer does not always mean having achieved it all. Like they say, “In India, you first become an engineer, and then decide what you want to do in life.”

3. As they say, “90% of all girls are beautiful, and the other 10% study in my college”. Engineering colleges suffer from a serious skewed gender ratio, much to the tragedy of the boys. And if there are a handful of pretty girls in your college, they usually turn out to be from a different batch or different department.

4. There is competition among students in academics, and then there is engineering. With millions of engineers spawned by thousands of institutes all over the country, the competition is fierce and relentless! 

5. The bane of the life of every engineering student is the life-sucking assignments and the autocratic deadlines they come with. Their joy at graduating is less due to the fact that they are now engineers, and more because there are no more assignments at the other side of the college gate!

6. The only things that keep most engineering students going for those four years of their lives are alcohol and the kind herb. For those who do manage to stay away from these ‘evils’, their savior is movie marathons in whatever language they can get their hands on.

7. As an engineering student, you were forever known by your GPA score. If you were a seven point something or above, you were the shiz; you were lucky to be six point something and if you averaged five point something or lower – well, buddy, good luck!

8. The greatest irony for engineering students is how the paper they think they performed the best in usually turns out to be the one in which they scored the lowest. In four years of engineering, the students totally forget what ‘hope’ feels like.

9. The marks on Viva and internals are purely based on what impression the professor has of you, and not what you write or say. Call it prejudice, call it unfair – that’s the way it works, and you’d better create the correct image for your professors if you want to pass.

10. You might be the best student in your batch, but if you want to pass the exams, you had better have a good relationship with the lab assistant. When it comes to practical classes and exams, this man runs the show – and you’d better not piss him off.
11. If you took up engineering after ‘3 Idiots’ released, you realized that there is no way you could ever be Rancho. In fact, there are no Ranchos in real life. You realized that your childhood was a lie.

12. Every engineering student knows that the most important day of their lives is not admission day, exam day or result day – but the day of campus placement. Lives are made and broken on this monumental day – good luck if you screw THAT day up! 
13. With so many engineers graduating every year, it is not a surprise that a big number of them are left jobless – or, for better or for worse, opt for MBA to bring some semblance of employment in their lives.

14. So you became an engineer – the proud kid of your parents? Yeah well, good luck finding a job that pays you as handsomely as you prayed for during those feverish nights of pre-exam mugging. Unfortunately, most engineers in India go on to get jobs with low salary. Hello, frustration!

15. If you are an engineer, you are automatically expected by your relatives and friends to fix the electronics and malfunctioning machines around the house. After all, “an engineer is a glorified mechanic only na?” Uh…

For More Such Stuffs join us on FACEBOOK.

Facebook Offers 1.55 Crore Package to IIT Graduates

https://www.facebook.com/DhiNNchAak?ref=hl
There is as much as 10-20% rise in the average salaries and 30% increase in global offers to the Indian engineering graduates regarding the placement of the academic season of 2014. The first phase of placement season come to an end yesterday and it it seen that about 15-20% more jobs offers have come up comparing with the data of the recent years.

The highest package offering recruiter being the social networking giant Facebook which offered 1.55 Crore Package to IIT Graduates. This figure is also the highest ever offer across IITs.

Facebook made the offer for software engineer profiles based out of California to three students at IIT Kharagpur and to an unknown number at IIT-Bombay, sources at the two institutes revealed. 

According to campus sources, highest offer included Samsung - $150,000 (Rs 93 lakh), Microsoft -$129,000 (Rs 80 lakh), Oracle - $125,000 plus Esops (Rs 78 lakh plus Esops), Google - $125,000 (Rs 78 lakh) and Visa -$140,000 (Rs 87 lakh).

At IIT-BHU, Varanasi, the top package from a multinational was Rs 77.5 lakh ($100,000 base salary, $15,000 sign-on bonus and $10,000 relocation and stock options), an over 19% jump over the top offer last year. At IIT-Kanpur, it went up over 36% from $110,000 last year to $150,000 this time. 

Other first day recruiters across the 16 IITs included the likes of Goldman Sachs, HUL, ITC, Credit Suisse, McKinsey & Co and BCG. IIT-Bombay, which on student demand, has moved up some core engineering companies to premium slots, had GE, Airbus and Qualcomm among others, vying with traditional first-day recruiters for the first time.

Tower Research with Rs 44 lakh for an international role and WorldQuant with Rs 42 lakh for a domestic profile were among prominent recruiters at campuses such as IIT-Kanpur, placement sources revealed. Goldman Sachs offered packages of Rs 26 lakh and Credit Suisse around Rs 15-18 lakh while Samsung offered the most for its Korea posting.
An IIT-Bombay student has claimed to have received a job offer of two crore rupees from the social networking site Facebook.
Aastha Agrawal (20), a fourth-year student of Computer Science at IIT-B, had completed her third-year internship in the company’s headquarters in California in May-June this year following which the company gave her the pre-placement offer.
“I am very happy and excited with the offer and will join in the Headquarters after completing my 8th semester,” Aastha, who is home in Jaipur for winter vacations, said.
She said the company was satisfied with her work during the internship and offered her the job soon after and added that she will be joining the job in October next year.
Her father, Ashok Agrawal, is executive engineer at Rajasthan Vidyut Prasaran Nigam Limited (RVPNL) here whereas her elder sister is a chemical engineer.
Aastha had secured seventh-rank in state in National Talent Search Examination in school and also won silver medal in International Junior Science Olympiad. She had also been selected to represent India at the Junior Science International Olympiad in 2009.

The placement season will continue till March-April, though a bulk of offers would roll out over the next three weeks.
Follow us at Facebook www.facebook.com/DhiNnchAak