I'm back....

Hi guys, get involved much in my new job.So, unable to find time for blog update. I have learned a beautiful tech called... MVC3... soon i will update the techniques in MVC3.

Biggest Cyberattack in History

A cyberattack originally targeting a single company is now being described by experts as one of the biggest Distributed Denial of Service (DDoS) attacks in Internet history. The assault, which recently began impacting elements of the Internet's physical infrastructure, has been dragging down Internet speeds in Europe — but what makes this type of attack different from all other attacks?

First, some background: The attacks originally targeted a European anti-spam company called Spamhaus, which blacklists what it considers sources of email spam and sells those blacklists to Internet Service Providers. The attack began early last week as waves of large but typicalDDoS assaults shortly after Spamhaus blacklisted Cyberbunker, a controversial web hosting company. Cyberbunker has not directly taken responsibility for the attacks against Spamhaus.

In a common DDoS attack, hackers use thousands of computers to send bogus traffic at a particular server in the hopes of overloading it. The computers involved in DDoS attacks have often been previously infected with malware that gave a hacker control of the machine without the legitimate owner's knowledge. Hackers use malware (often sent via email spam) to amass large networks of infected computers, called "botnets," for DDoS operations and other purposes.

Spamhaus contracted with security firm CloudFlare to help mitigate the attacks soon after they began. CloudFlare has been defending Spamhaus by spreading the attacks across multiple data centers, a technique that can keep a website online even if it's hit by the maximum amount of traffic a typical DDoS can generate.

"Usually these DDoS attacks have kind of a natural cap in their size, which is around 100 gigabits per second," CloudFlare CEO Matthew Prince told Mashable before explaining the limitation in typical DDoS attack size is due to routing hardware limitations.

These attacks, however, have evolved into a complex and ferocious beast, pointing up to 300 gigabits per second at an expanding list of targets. How?

After the hackers realized they couldn't knock Spamhaus offline while it was protected by CloudFlare, they chose a different tactic: targeting CloudFlare's own network providers by exploiting a known fault in the Domain Name System (DNS), a key piece of Internet infrastructure.

"The interesting thing is they stopped going after us directly and they started going after all of the steps upstream from us," said Prince. "Going after our immediate transit providers, then going after their transit providers."

DNS essentially turns what humans type into an address bar ("www.mashable.com") to the desired website's IP address and helps to deliver the desired Internet content to a user's computer. An essential element of the DNS system are DNS resolvers — 21.7 million of which are open and able to be found and manipulated by hackers.

"The attack works by the attacker spoofing the victim's IP address, sending a request to an open resolver and that resolver reflecting back a much larger response [to the victim], which then amplifies the attack," said Prince. A detailed technical explanation is available on CloudFlare's blog.

Because DNS resolvers are connected to large pipes with plenty of bandwidth to point at a target, hackers can manipulate them to amplify standard DDoS attacks from a maximum of about 100 gigabits per second to the neighborhood of 300 gigabits per second.

Prince told Mashable these attacks have been "certainly the largest attacks we've seen."

"And we've seen what we thought were some big attacks," he added. Kaspersky Labs, a leading security research group, called it "one of the largest DDoS operations to date."

Internet speeds around the world can be impacted by such large-scale DNS amplified DDoS attacks because the Internet relies on DNS to work — major interference with DNS can have consequences for services not necessarily being directly targeted by such an attack.

What can be done about preventing these specialized DDoS attacks? First, said Prince, Internet Service Providers should implement technologies that prevent hackers from spoofing victims' IP addresses. Second, network administrators need to close any and all open DNS resolvers running on their network.

"Anyone that's running a network needs to go to openresolverproject.org, type in the IP addresses of their network and see if they're running an open resolver on their network," said Prince. "Because if they are, they're being used by criminals in order to launch attacks online. And it's incumbent on anyone running a network to make sure they are not wittingly aiding in the destruction of the Internet."

Google’s Making Moves to Kill the Password

Passwords are long and complicated and hard to remember. And that's only if they'regood passwords. No matter how you slice it, passwords are annoying and on top of that, they're not even all that secure. Google knows that all too well, and it's pushing for the next big thing. A ring maybe. Like for your finger.

Google's been getting behind two-step verification for a while, and although that's more secure than a standard password, it's also more annoying. Hardly a perfect solution. In a paper to be published later this month inIEEE Security & Privacy Magazine, Google's President of Security Eric Grosse and Engineer Mayank Upadhyay are pitching alternatives like cryptographic card for your USB, or some kind of (presumably NFC) ring.

Google's got some software in the making that'd allow this kind of stuff to log you into a browser without involving any sort of software in the middle, just you and your browser. But even in the best possible future, it won't kill passwords completely. So long as your little key can be separated from you, you'll have to have a PIN or something, and the more conveniently short the PIN, the more important it is you don't loose that key. Still, it beats straight passwords and two-step verification annoyances. And the sooner the password can finally be laid to rest, the better.