What is DDOS?

With the recent high-profile attacks on major internet players such as Twitter, Facebook and Google, many smaller businesses are wondering what DDOS is and what can be done to protect against it.  DDOS stands for Distributed Denial of Service and is a malicious attack meant to degrade or completely shut down access to the targeted website.  The bad news is that there is not much you can do to prevent this type of attack.

Think of your website as a restaurant.  On a normal business day, customers will come in to request some food.  If your restaurant is running smoothly, your staff will serve up the requested food in a reasonable time period; the customers will eat happily, pay and move on.  You will then be able to replace them with another stream of customers.

Now think of a Distributed Denial of Service attack as an unexpected huge surge in customers, all of whom enter your restaurant at once.  They take up all of your space, and your servers and hosts are over-extended trying to seat them and take their orders.  As a result, other customers cannot get into your restaurant to eat.  The worst part is, these customers aren’t going to buy anything.  They’re just going to take up space in your restaurant, preventing others from getting in.  From outside the restaurant, customers see that it is completely full and they have no chance of getting a table.  You’ve lost their business.

From this example, you may see why it is also so hard to defend against this type of attack.  To your restaurant, that large party looks just like any other customer, so you can’t turn them away.  To a website, the traffic coming from a denial of service attack looks just like normal traffic.  Servers and firewalls can’t be configured to block the attack because they don’t know which traffic is from real customers and which is fake traffic designed to stress your resources.  This is especially true of a Distributed attack, which utilizes infected computers all over the world to send the traffic.
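The difficulty described above, shown as an added example that is not part of the original article: a per-address request limit catches a flood from one machine, but the same volume spread over many machines stays under the limit, so the site is overloaded with nothing obvious to block. The thresholds, function names and addresses (documentation ranges) are constructed for illustration.

```python
from collections import Counter

PER_IP_LIMIT = 20   # assumed: max requests one address may send per window
SITE_LIMIT = 100    # assumed: total requests the site can serve per window

def per_ip_offenders(requests, limit=PER_IP_LIMIT):
    """Return the source addresses that exceed the per-address limit."""
    counts = Counter(ip for ip, _path in requests)
    return {ip for ip, n in counts.items() if n > limit}

def site_overloaded(requests, limit=SITE_LIMIT):
    """True when total volume in the window exceeds what the site can serve."""
    return len(requests) > limit

def build_window(sources, hits_each, path="/"):
    """Constructed sample data: every source sends hits_each requests."""
    return [(ip, path) for ip in sources for _ in range(hits_each)]

# Constructed traffic windows, each entry is (source address, path).
# Ten ordinary visitors, three requests each (30 requests).
NORMAL = build_window([f"192.0.2.{i}" for i in range(1, 11)], 3)
# The same visitors plus one host sending 300 requests.
SINGLE_SOURCE = NORMAL + build_window(["198.51.100.7"], 300)
# The same visitors plus 100 hosts sending three requests each (also 300).
DISTRIBUTED = NORMAL + build_window(
    [f"203.0.113.{i}" for i in range(1, 101)], 3
)

def assess(requests):
    """Summarise what each check tells the operator about one window."""
    return {
        "overloaded": site_overloaded(requests),
        "blockable_sources": sorted(per_ip_offenders(requests)),
    }

if __name__ == "__main__":
    windows = [("normal", NORMAL), ("single source", SINGLE_SOURCE),
               ("distributed", DISTRIBUTED)]
    for name, window in windows:
        print(f"{name:14} total={len(window):4} {assess(window)}")
```

In the distributed window every source behaves exactly like an ordinary visitor, which is why the per-address check returns nothing to block even though the site is over capacity.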

The good news for smaller businesses is that typically you do not provide the infrastructure for your own website.  Your site is hosted by a professional hosting company that has redundant resources which are able to withstand the attack and hopefully keep your site running.  Extremely high-end firewalls and traffic filters can identify patterns in the traffic from these attacks and block them as they come in.  Typically, hosting providers and Internet service providers will need to become involved to track down the originating source of the attack and shut it down.
