Dealing With Distributed Denial of Service Attacks - Types of Attacks
(Page 2 of 4 )
An ordinary denial of service attack comes in three basic types. These include consumption of computational resources, such as bandwidth, disk space, or CPU time; disruption of configuration information, such as routing information; and disruption of physical network components. A distributed denial of service attack, as mentioned above, is usually an attempt to consume resources and deny them to other users.
These attacks often take the form of some kind of “flood.” For example, a SYN flood exploits a feature of the TCP connection to overwhelm the system. In a SYN flood, the victim system receives a flood of packets, often with a forged sender address. These are treated like connection requests; the server opens a connection, but because the address isn’t real, it doesn’t receive a response. So the server is sitting there, having received requests for a connection, with a bunch of half-open connections, waiting for responses that never come. When all of the connections a server is able to make are filled with these half-open requests, no one else can connect until the attack is over, including legitimate users.
Let me bring you back to the subject of zombies for a moment. A single computer can make thousands of requests on a server. A hacker with a single computer at his command thus isn’t that big of a threat to large companies. Multiply that by only a few hundred zombies, however, and suddenly millions of packets can be generated. Get enough zombies into the act, and any company can be brought to its knees.
One form of “DDoS attack” worth mentioning here is the unintentional attack. This happens when a website faces a swarm of legitimate visitors and can’t deliver the bandwidth needed. You may have heard of “the Slashdot effect,” where an extremely popular site such as Slashdot posts a story with a link to a less well-prepared site as part of the story. Site owners love getting that kind of publicity, but it can be quite painful to deal with the results.
Fortunately, there are things that can be done to deal with distributed denial of service attacks. While they can’t be completely prevented, there are steps that companies and ISPs can take to prepare for an attack that will mitigate the damage. Once an attack is underway, certain actions can be taken that may help limit its duration.
Next: Preparing Your Defense >>
More Web Hosting Articles Articles
More By Terri Wells
