If you’ve been running your website for any length of time, you’ve likely heard the term “DDOS” at least a few times. It has even been in the news lately, with hackers using “DDOS attacks” to take down high-profile websites. While it is only when major websites are attacked that it makes the news, the fact is hundreds of sites are attacked in this manner every day, and all website owners should at least know the basics of what this type of attack is, and what to do if they experience one.
A DDOS, or Distributed Denial of Service attack, is a fairly low-tech type of computer hacking that is primarily used just to disrupt the service of a website. These attacks work by sending huge amounts of communication requests to the web server being attacked, which eventually overloads the system. While the web server is attempting to process the requests of the DDOS traffic, it is unable to serve information to the legitimate visitors to the site.
In most cases, these attacks will quickly consume all of the available bandwidth or other system resources, causing system problems for the web server. Resetting the server often becomes necessary, though this does not solve the problem because as soon as it comes back up, the attack traffic will quickly use the resources again.
One easy way to imagine what this type of attack does is to picture yourself in a quiet room talking with a friend. You can easily talk with no problems. When a DDOS attack starts, however, the room fills with hundreds of other people who are simply shouting at the top of their lungs. No matter what you and your friend do, it will be nearly impossible to hold any sort of meaningful conversation. Even if you go into another room (reset your web server), the attack will be there as soon as you try to start talking again.
Where does the Traffic Come From?
In the vast majority of DDOS attacks, the traffic will be coming from hundreds, or even thousands of individual computers that are infected with a specific type of malware. The malware sits quietly on the computer until it receives an attack command from the computer of the person operating the attack. This command will tell the malware what website to attack, and when.
While a web server has no trouble dealing with attack traffic from one computer, or even a few dozen, it simply can’t handle it from hundreds or thousands of computers. Hackers are constantly attempting to infect new computers with their malware, so they will have this digital ‘army’ of drone computers that they can use for DDOS attacks whenever they want.
What is the Threat?
Other than taking down your website, there is very little real threat just from a DDOS attack. There have been times when these attacks were directed at banks or governments as a distraction technique, while malicious hacking was being performed on other related systems, but this is quite rare. In addition, it takes far more resources from the hacker to pull off this type of dual attack, which means it is not likely worth it for attacking the personal website of individuals or even most businesses.
When smaller scale attacks are launched against personal or business sites, it is typically done by hackers who are trying to prove their abilities. In most cases, these attacks will only last a few hours at the most before the hacker will get bored and move on to another site, so the long-term impact of an attack is negligible.
What can be done?
Despite the fact that DDOS attacks are very simple technologically, they are remarkably hard to stop. Modern web servers are set up to try to ignore this type of attack traffic, but they still have to process it enough to determine whether it is legitimate or attack traffic, which does take up system resources.
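An added example (not InterServer's code or part of the original article) showing why traffic spread over thousands of machines is hard to filter: a per-source request limit stops one noisy client, but not a flood in which every source stays under that limit. The window size, thresholds and log records are constructed assumptions.

```python
from collections import Counter, defaultdict

WINDOW = 10          # seconds per bucket (assumed)
PER_IP_LIMIT = 50    # requests allowed per source per window (assumed)
TOTAL_LIMIT = 500    # requests per window the server can absorb (assumed)

def analyse(records, window=WINDOW, per_ip_limit=PER_IP_LIMIT, total_limit=TOTAL_LIMIT):
    """records: iterable of (unix_time, source_ip). Returns {bucket_start: summary}."""
    buckets = defaultdict(Counter)
    for ts, ip in records:
        buckets[ts - ts % window][ip] += 1
    report = {}
    for start, per_ip in sorted(buckets.items()):
        total = sum(per_ip.values())
        blocked = sorted(ip for ip, n in per_ip.items() if n > per_ip_limit)
        # Load that remains after a per-source limit has dropped the noisy sources.
        residual = total - sum(per_ip[ip] for ip in blocked)
        if residual > total_limit:
            verdict = "distributed-flood"      # per-source blocking does not help
        elif blocked:
            verdict = "single-source-abuse"    # blocking the noisy sources is enough
        else:
            verdict = "normal"
        report[start] = {"total": total, "sources": len(per_ip),
                         "blocked": blocked, "residual": residual, "verdict": verdict}
    return report

def sample_traffic():
    """Constructed records covering three windows (reserved/private address ranges)."""
    visitors = lambda t: [(t + i, f"192.0.2.{v}") for v in range(40) for i in range(3)]
    recs = visitors(0)                                    # 40 visitors, 3 requests each
    recs += visitors(10)
    recs += [(10 + i % 10, "198.51.100.7") for i in range(300)]   # one noisy client
    recs += visitors(20)
    # 2000 sources sending only 5 requests each: every one is under the per-source limit
    recs += [(20 + i, f"10.{b // 250}.{b % 250}.1") for b in range(2000) for i in range(5)]
    return recs

if __name__ == "__main__":
    for start, row in analyse(sample_traffic()).items():
        print(start, row["verdict"], "total:", row["total"], "sources:", row["sources"],
              "left after per-source blocking:", row["residual"])
```

In the last window nothing is blocked, yet the remaining load is about twenty times what the assumed server can absorb, so the decision has to be made on aggregate traffic rather than per source.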
For an individual website owner, there is nothing that you can practically do on your own. If you suspect your site is being attacked in this way, you should immediately contact tech support. In most cases, however, tech support here at InterServer will already be well aware of the attack, and will be making attempts to mitigate its impact.
One of the ways we are able to reduce the impact of these attacks is by running all the traffic through a powerful computer, which has just one job, scanning the traffic to determine if it is attack traffic or not. If it is, it drops the traffic immediately. If not, it allows it to process through. In many cases, this is enough to prevent smaller attacks from taking down websites we host.
For larger scale attacks, we can work directly with our internet service providers, who can help to identify where the attack is coming from, and take measures to filter out this traffic before it ever arrives. In reality, however, if an attack is large enough and long enough, it is very difficult to stop. Fortunately, the hackers who have the necessary resources to pull off massive attacks like this will typically only direct them at very high-profile targets.
While DDOS attacks are a serious threat to all websites, most people don’t have too much to worry about. InterServer already has safety systems in place to provide protection to your site, and we’re always working on keeping up with the latest and greatest security systems available to serve our customers.