This is a guest post by Dmitri Blackthorn.
Whether you own a website or a company, Distributed Denial of Service (DDoS) attacks are something you should know about. If you haven’t been briefed on this topic already, you’re one of the lucky few whom DDoS attackers haven’t targeted yet. In order to continue maintaining your website’s online presence and your own peace of mind, read on and discover the basics of DDoS attacks.
What is a DDoS Attack?
A DDoS attack is an effort where several computers work together to overwhelm the computer processor of a victim and force it to crash. This is usually conducted via internet connections and often targets a server hosting the website under attack. However, there are different forms in which these attacks are made, including:
- UDP Flood – A UDP (User Datagram Protocol) flood attack occurs when packets flood random ports on a host, which then checks for applications listening there. After that, the host reports back to the sender with an ICMP packet.
- SYN Flood – A SYN (synchronize) flood is an attack where repeated synchronize messages are sent to a server to initiate a connection that doesn’t close until timeout. This exhausts the server’s resources and finally forces it to go offline.
- Reflected Attack – A reflected attack is one where forged packets are sent to numerous computers. However, the replies of these computers will be sent to the victim’s website to overwhelm it with requests.
- Peer to Peer Attacks – Attackers use peer to peer servers to get to their victim’s website. They divert traffic from the file-sharing hub onto the target website, which eventually exhausts the server’s resources and forces it to crash.
- Slowloris – This DDoS attack is probably the hardest to resolve. Used during the Iranian presidential election in 2009, Slowloris allows its initiator to use fewer resources while pinging the server with uncompleted requests. As a result, more connections stay open until the website itself crashes.
- Degradation of Service Attacks – This type of DDoS attack slows a server’s response time rather than taking it offline. Because of its slow response, a website becomes unusable due to issues like page loading problems. This type of attack is usually hard to detect since the website only slows down, an issue which can also be attributed to increased website traffic.
- Unintended DDoS – This DDoS attack usually happens when extra traffic causes a server to crash due to a large number of incoming requests.
- Application Level Attacks – An application level attack focuses on corrupting at least one application on the server, such as email apps or Joomla.
- Multi-Vector Attacks – These are the most complex types of DDoS attacks since they require tools and strategies to drive a website offline. They are also the hardest to fix because they target multiple resources and take different forms.
How to Protect Your Website from DDoS Attacks
The biggest DDoS attack in history occurred in March 2013 when Spamhaus’ servers were flooded by over 300 Gbps worth of internet traffic. Because of the constant stream of attacks, it was reported that global internet speeds were affected. To avoid becoming a victim of a DDoS attack, here are some tips to protect your website:
- Focus your security objectives around three principles: confidentiality, integrity and availability. Your website’s data should remain confidential, intact, and available to everyone who needs it.
- Consider implementing an effective Security Information Management or Security Information and Event Management system. This will act as a defensive line against DDoS attacks.
- Become familiar with your internet traffic so that you can spot unusual activity and prevent your website from crashing. If you can’t handle this yourself, hire someone who knows how to act when a DDoS attack comes your way.
- Make sure that your website’s bandwidth is more than you actually need. Though this won’t stop these types of attacks, it will give you ample time to stop the attack before it succeeds in forcing your website offline.
- Always have a contingency plan in hand. This will minimize the damage and help you save all sensitive data before it’s lost permanently.
- Store your ISP’s number on speed dial so that you can call them at the first signs of a DDoS attack. The professionals there will guide you through the best steps to take to mitigate the attack.
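As an added example for the tip above on becoming familiar with your traffic (not code from the original post): the Python below builds a baseline of requests per minute from a period assumed to be normal, then flags minutes far above it. The log lines, baseline counts, function names and the threshold k=6 are constructed assumptions.

```python
import re
import statistics
from collections import Counter

# Matches the timestamp of a common-log-format line, truncated to the minute.
MINUTE_RE = re.compile(r'\[(\d{2}/\w{3}/\d{4}:\d{2}:\d{2}):\d{2} ')

def requests_per_minute(log_lines):
    """Count requests per minute, keyed by 'dd/Mon/yyyy:HH:MM'."""
    counts = Counter()
    for line in log_lines:
        m = MINUTE_RE.search(line)
        if m:
            counts[m.group(1)] += 1
    return counts

def build_baseline(normal_counts):
    """Median and MAD of per-minute counts from a period known to be normal."""
    median = statistics.median(normal_counts)
    mad = statistics.median(abs(c - median) for c in normal_counts)
    return median, max(mad, 1.0)  # floor the MAD so flat traffic does not alert on +1

def unusual_minutes(counts, baseline, k=6.0):
    """Return the minutes whose request count exceeds median + k * MAD."""
    median, mad = baseline
    limit = median + k * mad
    return sorted(minute for minute, n in counts.items() if n > limit)

def make_lines(minute, n):
    """Constructed sample data: n access-log lines within one minute."""
    return [f'203.0.113.{i % 250 + 1} - - [10/Mar/2024:{minute}:{i % 60:02d} +0000] '
            f'"GET / HTTP/1.1" 200 512' for i in range(n)]

# Constructed baseline: per-minute counts from a normal period (assumed values).
NORMAL = [40, 42, 38, 45, 41, 39, 44, 43, 40, 37]
# Constructed log: three ordinary minutes, then a surge at 14:03.
SAMPLE_LOG = (make_lines("14:00", 41) + make_lines("14:01", 44)
              + make_lines("14:02", 39) + make_lines("14:03", 900))

if __name__ == "__main__":
    baseline = build_baseline(NORMAL)
    for minute in unusual_minutes(requests_per_minute(SAMPLE_LOG), baseline):
        print("unusual request volume at", minute)
```

A flagged minute only says the volume is unusual; as the list of attack types notes, a surge of legitimate visitors can look the same, so the alert is a prompt to investigate rather than proof of an attack.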
This concludes this guide on DDoS attacks. So, unless you want to become a victim of a vicious attack that affects your website and the internet, make sure to keep everything you read in mind and implement it whenever you can.