Server Attacks (Denial of Service)


Denial of service attacks on web hosting servers comes in many forms and from many perspectives. The common perception is that you have to be a master web hacker or programming genius to develop a malicious piece of software (malware) in order to cause chaos and discontent. You would be wrong. All it takes is a group or person with the resolve and desire to create chaos, some friends to help, and a clear mind. The specific issue at hand is a type of attack called a distributed denial of service attack (ddos). This is a popular web attack targeting web hosting servers like the servers that host your website, email servers, data centers, banking, and, credit card payment portal servers, to name a few. The technique is frighteningly simple. The picture says it all. The concept is many computers against one. The means is the data packets that each computer handles with every communication request that it receives. The web server must process each request, which takes up processor time and random access memory (RAM). Every computer, regardless of how big and powerful it is, has a limited supply of both. If you overwhelm the web server with more communication requests than it can handle, it will either slow down to the point of not being accessible to its legitimate users, very slow to respond or simply crash and shut down. In any case, you, the good guy, is prevented from doing your business be it an e-commerce business or just sending an email to Grandma.

To put some technical perspective to the problem and give you some appreciation for its complexity in trying to prevent of thwart these attacks, you need to be exposed briefly, to how the Internet works. The Internet communicates in layers, seven of them to be specific. In the picture to the left, level seven is at the top and one is at the bottom. A denial of service can attack at any of the levels and for our purposes levels four through seven are the web host layers. A level seven attack is the least defendable in the current world of the people that hack and the people that try to prevent the hacking (your security software from McAfee, Norton, SSL certificates etc.).

The protectors are ever vigilant and the hackers ever more clever and devious. The game goes on.