Linux/DDoSMan

Linux/DDoSMan Description

Elknot is an infamous botnet specialized in DDoS attacks that can run on Windows and Linux environments and had some developments since its release. One of them is the Linux/DDoSMan, which utilizes the infamous Elknot's and the ELF bot (another segment of the Elknot malware) binaries and installs them on the targeted machine. Linux/DDoSMan is not targeting servers with x32 or x64 architecture but the router devices that also are executed on Linux. When a computer is victimized by a DDoS attack, “the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source. A DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.'

High-profile Web servers are the most probable targets of DDoS attacks since one of the goals (and maybe the main) of the attackers is to disrupt the services of an Internet-connected host by deluging the targeted machine with useless solicitations that overcharge the machine and prevent it from working normally. Since DDoS attacks are made possible by unpatched software and bad security practices, website administrators should keep the machines' software updated and be always attentive to the security measures that need to be introduced or changed to keep their machines safe from attacks like the Linux/DDoSMan.