What is a DoS-attack?
One of the characteristics of today’s Internet trends is the growing number of so-called DoS-attacks (from the English. Denial of Service - Denial of Service ). By DoS-attacks by hackers lead, causing an overload of a technological element in the chain, providing a link Internet users to the website. As a result of these actions the web site is available for viewing.
So attackers can continuously send a web server very large number of requests to retrieve pages. Since every web server has a limit on the maximum number of visits per unit of time, which he may serve, in the presence of a sufficiently large number of requests handled by the new stop. As a result, for most visitors to the site is not working.
Such off-commerce site can lead to losses in the business. Also DoS-attacks use as a way to pressure, intimidate the publication of certain materials.
DoS-attack could occur by chance, if at any time on the site come down a large number of visitors. This can happen if a site will be a link to some very popular resource, or when the owners bought extensive advertising, and a site is placed on the cheap hosting.
The simplest DoS-attack can be performed using a single computer. Using special software, a computer starts to fill up the attacked web site requests. It could even be a simple browser, which constantly updates the page at that address. But in the modern Internet such an attack has minimal chance of success. The protocols allow data hosting provider is too high flow filter requests by IP-address of the source.
One of the most dangerous and difficult to block on the side of a hosting provider types of DoS-attacks – distributed DoS-attack (or DDoS – Distributed Denial of Service – Distributed Denial of Service). Under DDoS-attack requests to the Web site can send to more than one computer, as many computers.
To implement the DDoS-attacks attackers use botnets – networks of infected worms computers located around the world. Large botnets can contain tens or hundreds of thousands of computers. Users of these machines are likely unaware that their computers are infected with malware and used by hackers. Botnets are created by sending malware and infected machines then regularly receive commands from the administrator of a botnet. Therefore, it is possible to organize concerted action zombie computers to attack Web sites and other resources.
Effective way to implement DDoS-attack is to send the zombie machines such requests to the web server, which will require significant investment of computational resources for processing. Therefore, try to identify the attackers as used in the server software features that you can use to create additional load on the server. Often these functions are called in processing registration forms, etc.
Universal methods of protection against DoS-attacks do not exist. However, in practice, use a variety of security tools that make it difficult to attack and reduce the damage caused by them. It is important that the code has been well optimized website, published content is cached, and the number of points of a load has been reduced to a minimum.
In practice, much more effective defensive tools that work at the level of the hosting provider. Provider has more information about the characteristics of the attack and can observe in detail the direction of its development. In addition, the hosting provider can “zafiltrovat” attack so that attackers requests will simply not be up to the server, and the server will remain available for queries conscientious visitors.
To combat the DoS-attack hosting provaydry specially tuned software that controls the routing of data packets. Also uses hardware and software systems that detect attacks and to take countermeasures in the automatic mode. But we must keep in mind that the processing of data packets that make up the DoS-attack, they still have to be delivered to the filtration equipment provider. And even if the equipment is very productive, fairly powerful attack can always just “flooding” communication channels provider. However, to make it more complicated than a single cause overloading the Web server running on a virtual server.