What is a Denial-of-Service (DoS) Attack?
A denial of service (DoS) attack is a common form of cybercrime. It's therefore vital that all business owners know how to protect their websites from these attacks. Here is a quick guide to help.
Denial of service attacks are moving with the times
In the early days of the internet, the term “denial of service attack” meant one computer trying to flood one server with traffic. That worked over slow connections. These days, however, mobile data works more quickly than the dial-up modems of old, so plain DoS attacks have long since ceased to be an issue.
Sadly, however, they have been replaced by distributed denial of service attacks. These involve cyberattackers chaining together computers to create botnets. Modern DDoS attacks come in two main forms. These are infrastructure-level DDoS attacks and application-level DDoS attacks.
Infrastructure-level DDoS attacks are very similar to old-school DoS attacks. They simply aim to blast a server with so much traffic that it just can't cope. Whether or not they succeed typically comes down to a combination of how well a company has built its infrastructure and how good they are at monitoring its traffic.
The nature of infrastructure-level DDoS attacks means that it's usually very easy to identify that they are in progress. It also tends to be fairly straightforward to figure out the defining characteristics of the attacking traffic. The key question is whether or not a website's infrastructure is robust enough to hold out during this process.
Application-level DDoS attacks follow the same basic strategy but apply it much more astutely. They target high-value parts of a website, such as a login page or the payment page (or an especially popular service). These attacks aim to apply just enough pressure to render the service unacceptable to modern internet users while escaping the notice of network-monitoring tools such as firewalls.
These attacks can be much more difficult to identify and much more of a challenge to resolve, especially if a website has a lot of legitimate traffic to act as cover for the attacking traffic.
Protecting your website against DoS attacks
At present, there is nothing you can do to protect against DoS attacks, but there is a lot you can do to prepare for them. Here are some tips.
Ping your website regularly
There is no point in waiting until you know you have a problem before pinging your website to help to diagnose what it is. You need to ping your website constantly so that you are alerted to problems before they become critical (i.e. before your firewall alerts you) and hence give yourself as much time as possible to remedy them. Ping tests can make the difference between site visitors giving up in disgust (and possibly not coming back) and site visitors not being any the wiser to the attack.
Buy as much bandwidth as you can afford
These days that is one of the golden rules of running a website. It has all kinds of benefits, including providing a buffer against DoS attacks. The more bandwidth you have, the harder cyberattackers have to work to bring down your website and the longer you have to remedy the attack. If you have effective ping testing and decent bandwidth, you are two-thirds of the way to a very high degree of security.
Subscribe to a reputable website vulnerability scanning service
Website vulnerability scanning services are available from many vendors, and each vendor will have its own approach to putting them together. That said, any decent service should include an anti-malware scanner and a web application firewall (WAF). You need both. In the context of DoS, however, it's the firewall that matters.
Your WAF has two main jobs. It monitors traffic (both incoming and outgoing) and alerts you if it detects a problem, and it filters traffic according to the rules you set. If you're ping-testing effectively, then you will probably notice a DoS attack long before your firewall alerts you. Where your firewall comes in useful, however, is in blocking the attacking traffic once you have figured out its signature.
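One way to work out the signature of attacking traffic before writing a firewall rule, shown as an added example that is not from the original article: compare a quiet baseline of access-log lines with the current window and report the request attributes that suddenly dominate. The combined log format, the thresholds, the sample lines and the ExampleBot/1.0 user agent are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Combined access-log format (assumed); IPv4 clients only in this sketch.
LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
                  r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')

def parse(lines):
    """Yield one record per well-formed log line; silently skip the rest."""
    for line in lines:
        m = LINE.match(line)
        if m:
            rec = m.groupdict()
            rec["path"] = rec["path"].split("?", 1)[0]   # drop query string
            rec["net"] = ".".join(rec["ip"].split(".")[:3]) + ".0/24"
            yield rec

def shares(records, field):
    """Fraction of requests carrying each value of `field`."""
    counts = Counter(r[field] for r in records)
    total = sum(counts.values())
    return {value: n / total for value, n in counts.items()}

def find_signature(baseline, current, min_share=0.5, min_lift=3.0):
    """Return {field: value} for values that dominate `current` far more than `baseline`."""
    base, cur = list(parse(baseline)), list(parse(current))
    signature = {}
    for field in ("method", "path", "ua", "net"):
        now, before = shares(cur, field), shares(base, field)
        if not now:
            continue
        value, share = max(now.items(), key=lambda kv: kv[1])
        lift = share / max(before.get(value, 0.0), 0.01)   # floor avoids divide-by-zero
        if share >= min_share and lift >= min_lift:
            signature[field] = value
    return signature

def _line(ip, method, path, ua):
    return f'{ip} - - [12/Mar/2024:10:00:00 +0000] "{method} {path} HTTP/1.1" 200 512 "-" "{ua}"'

BROWSER = "Mozilla/5.0 (X11; Linux x86_64)"
# Constructed baseline: ordinary browsing with occasional logins.
BASELINE = ([_line(f"198.51.100.{i}", "GET", "/", BROWSER) for i in range(1, 41)]
            + [_line(f"198.51.100.{i}", "GET", "/products", BROWSER) for i in range(41, 71)]
            + [_line(f"198.51.100.{i}", "POST", "/login", BROWSER) for i in range(71, 81)])
# Constructed attack window: the same legitimate traffic plus login requests
# from many scattered placeholder addresses that share one user agent.
CURRENT = BASELINE + [_line(f"10.{i % 200}.{i % 7}.{i % 250 + 1}", "POST", "/login", "ExampleBot/1.0")
                      for i in range(300)]

if __name__ == "__main__":
    print(find_signature(BASELINE, CURRENT))
```

On this constructed data the result names the method, path and user agent but no source network, which is the distributed case where a rule keyed on client address would not help.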
You might want to boost your regular WAF with a DDoS mitigation service. This can be very useful for dealing with infrastructure DDoS attacks as the flood of traffic can be too much for a regular firewall to handle on its own.
Build your infrastructure and applications with DoS in mind
Accept the reality of DoS attacks and think about their implications every time you make a decision relating to your infrastructure and/or applications.