Are you part of the USA/South Korean DDoS attack?

This question came up in a discussion of the recent DDoS attack on various US and South Korean sites. The main concern was whether there is a way to tell if someone's computer has been compromised and made part of the botnet and, if so, how they could tell.

Good questions.

In response to the first question, one of the ways to know if your computer is involved in a DDoS attack is to watch its outgoing traffic from another computer on your network.

Tools such as Wireshark can analyze the traffic and will log what they find.
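The kind of check described above, as an added example that is not part of the original post: it reads connection records exported from a packet capture and flags any local machine that opens an unusually large number of connections to a single destination in a short window. The CSV column layout, the `192.168.1.` local prefix, the 10-second window and the threshold of 100 are all assumptions, and the sample rows are constructed.

```python
import csv
import io
from collections import defaultdict

def constructed_sample():
    """Constructed capture export (assumed columns): one row per outbound connection attempt."""
    lines = ["time_ms,src,dst,dport"]
    # Ordinary browsing from 192.168.1.10: occasional connections to several servers.
    for i in range(20):
        lines.append(f"{i * 3000},192.168.1.10,198.51.100.{i % 5 + 1},443")
    # Flood-like pattern from 192.168.1.20: 300 connections to one server in 15 s.
    for i in range(300):
        lines.append(f"{i * 50},192.168.1.20,203.0.113.7,80")
    return "\n".join(lines)

def peak_rate(times, window_ms):
    """Largest number of events that fall inside any window of window_ms."""
    times = sorted(times)
    best = start = 0
    for end, t in enumerate(times):
        while t - times[start] >= window_ms:
            start += 1
        best = max(best, end - start + 1)
    return best

def flag_flooders(csv_text, local_prefix="192.168.1.", window_ms=10_000, threshold=100):
    """Return local hosts whose connection rate to a single destination looks like flooding."""
    flows = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["src"].startswith(local_prefix):  # only traffic leaving our own machines
            flows[(row["src"], row["dst"], int(row["dport"]))].append(int(row["time_ms"]))
    findings = []
    for (src, dst, dport), times in flows.items():
        peak = peak_rate(times, window_ms)
        if peak >= threshold:  # assumed threshold; tune it to the network's normal traffic
            findings.append({"src": src, "dst": dst, "dport": dport, "peak": peak})
    return sorted(findings, key=lambda f: -f["peak"])

if __name__ == "__main__":
    for f in flag_flooders(constructed_sample()):
        print(f"{f['src']} -> {f['dst']}:{f['dport']} peak {f['peak']} connections per 10 s")
```

A flagged host is a reason to look closer, not proof of infection: backups, downloads and some applications also produce bursts of connections to one server.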

But what if you aren’t that technical or only have one computer at home? Then the answer may well be “Hard to say”.

However, if all of the user’s software on the machine is up-to-date with patches, the OS is up-to-date with patches, and they have an intelligent firewall that they can configure to watch both inbound and outbound traffic, then the risk is greatly reduced.

For this particular DDoS attack, we detected all of the components as: