The denial-of-service (DoS) attack on Twitter in early August 2009 has some users wondering what such an attack is and how to prevent it.
According to Wikipedia, a denial-of-service attack is:
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users.
Some ways to create a DoS attack are ping flood, ping of death (PoD), smurfing, IRC flood, nuke, peer-to-peer, fraggling, SYN flood, teardrop, and distributed denial-of-service attack (DDoS). Actually, there are a lot more funny terms for DoS attacks. In the simplest terms, each of these DoS attacks requires intense communication from one computer or several computers to disrupt the site’s server, either by using up all its resources or by slowing it down until it cannot be accessed properly. You can find out more about each of the DoS terms at Wikipedia.
I have had this happen on the first server I co-owned when I started web hosting. We had just reached 350 clients when that happened, and it was only a minor setback. Still, it was annoying, and because most of these attackers use spoofed IP addresses, it is hard to track, so I left it up to the company that leased the servers to go after the culprit. That is pretty much all you can do when attacked, as it is illegal anyway. Server-side, our server was upgraded to prevent further attacks.
However, to prevent this, it is recommended that you keep the software and hardware on your servers up to date, especially those with features that can prevent flooding. Many major sites, even Microsoft, have been victims of DoS attacks, so it is not all that uncommon. It might be lame advice, but it is the first prevention against such attacks and your best defense up front.
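To make the flooding described above concrete from the server's side, here is an added example (not part of the original post) of a sliding-window check that flags both a single noisy address and a flood spread across many or spoofed addresses, where counting per address alone sees nothing. The function names, thresholds and sample addresses are assumptions made up for illustration.

```python
from collections import Counter, deque

def detect_flood(events, window=1.0, per_source_limit=20, total_limit=100):
    """Scan time-ordered (timestamp, source_ip) events with a sliding window.

    Returns (timestamp, kind, detail) alerts. kind is "single-source" when
    one address exceeds per_source_limit, or "distributed" when the total
    exceeds total_limit although no single address does (many or spoofed
    sources). Both limits are illustrative assumptions, not tuned values.
    """
    recent, counts = deque(), Counter()
    alerts, last_kind = [], None
    for ts, src in events:
        recent.append((ts, src))
        counts[src] += 1
        while recent[0][0] <= ts - window:      # expire events outside window
            _, old = recent.popleft()
            counts[old] -= 1
            if not counts[old]:
                del counts[old]
        top_src, top_n = counts.most_common(1)[0]
        if top_n > per_source_limit:
            kind, detail = "single-source", top_src
        elif len(recent) > total_limit:
            kind, detail = "distributed", f"{len(counts)} sources"
        else:
            kind, detail = None, None
        if kind and kind != last_kind:          # report each episode once
            alerts.append((ts, kind, detail))
        last_kind = kind
    return alerts

def sample_events():
    """Constructed traffic (documentation-range addresses, not real logs)."""
    ev = []
    for i in range(30):     # 0-3 s: five clients, 2 requests/s each
        ev.append((i * 0.1, f"192.0.2.{i % 5 + 1}"))
    for i in range(200):    # 3-4 s: one address sends 200 requests
        ev.append((3.0 + i * 0.005, "198.51.100.7"))
    for i in range(500):    # 6-7 s: 250 addresses send 2 requests each
        ev.append((6.0 + i * 0.002, f"203.0.113.{i % 250 + 1}"))
    return ev

if __name__ == "__main__":
    for alert in detect_flood(sample_events()):
        print(alert)
```

In the second episode no address sends more than two requests per second, so only the total-rate check fires, which is why blocking individual addresses is of little use against spoofed or distributed floods.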
Have you ever witnessed a DoS attack on a site? Was it yours? What other advice can you give to those wanting to know more about preventing DoS attacks?
Dan says
I recommend a hardware firewall set up properly. Correct configuration can save a lot of headache.