Denial of Service Attacks
03/09/2010
Denial of Service Attacks are becoming increasingly popular and the targets are usually large websites or data centres hosting major websites.
This is known as a DoS attack (denial of service attack) or DDOS attack (distributed denial of service attack) and it is an organised and concerted effort to bring down a server by sending too much traffic through its network.
There are many different ways of achieving this, but one of the most common methods is to saturate the target machine or network with so many external communications requests, that it responds slowly and gradually grinds to a halt. With automated scripts this is relatively easy for any programmer to carry out. It is of course a violation of the Internet’s proper use policy, and against any ISP’s terms and conditions, but as the point of these attacks is often either political or fraudulent these policies have little impact.
One of the greatest problems with DoS attacks is that they tend to target websites and servers which have high security and firewalls and systems in place to prevent such attacks. This partly because the highest profile websites will naturally be located in such data centres, and partly because this is more of a challenge for the attackers.
How can you prevent these attacks?
Good hosting companies will use multiple networks and redundancy to ensure a single failure does not cause loss of service. But this simply raises the challenge, and if you operate with servers in two UK cities on multiple networks, then any DoS attack must simply be better coordinated.
A good support team available 24/7 capable to taking manual action to locate and isolate the source of the DoS attack is needed.
In order to reduce the threats of these attacks we host websites in multiple locations using multiple hosting companies. Using multiple suppliers helps when any attack is on the network as this is more likely to be isolated to a few hosting providers.
For business critical websites we can provide redundant hosting enabling websites to still be visible if one data centre is out of action for while.