DDOS attacks have become part and parcel of being a website owner. They’re fairly common and it’s probably worth knowing what they’re all about.
DDOS stands for Distributed Denial of Service, which is like the big brother of a DOS (Denial of Service) attack. To understand what DDOS is all about, it’s probably easier to go back and talk about DOS in some detail first.
The purpose of these attacks is to make an online service unavailable by throwing tonnes of traffic at the service and ‘overwhelming’ it. With a DOS attack, one computer and one internet connection are used to send an unmanageable number of packets to the remote server – with the goal of overloading it. A DDOS attack, by contrast, uses many devices with a multitude of internet connections to swamp the victim’s server.
DDOS attacks are much harder to prevent than DOS attacks, as it is much harder to identify irregular traffic patterns from multiple sources than it is from a single IP.
There are a few types of DDOS but they all do the same thing – they’re just targeted at different areas of the victim server. Firstly, we have volume-based attacks – these essentially aim to eat up the bandwidth of the victim server, causing the service to be unavailable.
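The difference described above can be seen in a small detection sketch. This is an added example, not code from the original article: it runs a per-IP request limit over three constructed traffic windows and shows that the limit isolates a single-source flood but finds nothing to block in a distributed one. The thresholds, function names and sample addresses are all assumptions.

```python
from collections import Counter

# Assumed thresholds for one time window (illustrative values, not from the article).
PER_IP_LIMIT = 100   # most requests a single source should send
TOTAL_LIMIT = 300    # most requests the service normally handles overall

def analyse(window):
    """Classify one window of traffic; `window` holds one source IP per request."""
    per_ip = Counter(window)
    # Sources that stand out on their own: the only thing a per-IP rule can see.
    noisy = sorted(ip for ip, count in per_ip.items() if count > PER_IP_LIMIT)
    # Load that would remain if every noisy source were blocked.
    remaining = len(window) - sum(per_ip[ip] for ip in noisy)
    if len(window) <= TOTAL_LIMIT:
        verdict = "normal"
    elif remaining <= TOTAL_LIMIT:
        verdict = "single-source flood: blocking the noisy IPs restores service"
    else:
        verdict = "distributed flood: per-IP blocking leaves the service overloaded"
    return verdict, noisy, remaining

def client(i):
    """Constructed private address for sample client number i."""
    return f"10.0.{i // 250}.{i % 250 + 1}"

# Constructed sample windows (not real traffic).
NORMAL = [client(i) for i in range(50) for _ in range(4)]    # 50 clients x 4 requests
DOS = NORMAL + ["203.0.113.9"] * 500                         # one source adds 500
DDOS = [client(i) for i in range(400) for _ in range(5)]     # 400 sources x 5 each

if __name__ == "__main__":
    for name, window in (("normal", NORMAL), ("DOS", DOS), ("DDOS", DDOS)):
        verdict, noisy, remaining = analyse(window)
        print(f"{name}: {len(window)} requests, {len(noisy)} noisy IPs, "
              f"{remaining} left after blocking -> {verdict}")
```

In the distributed window every source stays far below the per-IP limit, so only the aggregate request count reveals that anything is wrong.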
A protocol attack attempts to consume actual server resources, which can include firewalls, load balancers, memory or CPU usage. Finally, we have application layer attacks that target vulnerabilities in the web application (such as Apache), with the goal of crashing the web server.
That all sounds awful, how can I protect myself?
Preventing DDOS attacks sounds easy. Firstly, make sure that you’ve moved your websites and applications to the cloud (Amazon Web Services, Azure or Digital Ocean). Once moved, you can set up scalable rules, which essentially means your server will increase in capacity and performance if a spike in traffic is identified. This means that your web application doesn’t go offline while you’re trying to identify where the traffic is coming from. Of course, running with larger servers during this time period will cost you more than business-as-usual running costs.
If you don’t want to move to the cloud, I would suggest that you look for a web host or service provider that will handle the DDOS attacks for you – many web hosts do offer such protection. If you are moving to the cloud, I would still look at some DDOS prevention tools to help bolster your protection.
This article was brought to you by Netshock. Netshock is your technology blog, providing technology news, guides and insight.