With all the recent talk about hackers, I decided to make a lesson on a common network attack: the DoS, aka denial of service. Developers are scared of it, network security can't stop it, users are pissed off by it, and website owners lose a ton of money because of it. What is this attack that has everybody with a website dreading the day they get called to arms and go to war?
What is DoS?
First off, DoS is an attack, not a hack. They're not after your passwords, they just want to shut your website down by sending a lot of traffic your way. This could be tens of millions of hits every second. Imagine opening a store that can only handle a hundred people, but a million come in at once. What happens? Your store is going to be full and nobody else can come in. Legitimate customers are forced to wait in line outside and even if they finally get in, they will have to fight through a huge crowd to get anywhere in your store. Most customers just leave after seeing the line going around the block. DoS stands for denial of service, which means it denies your service to other users. It's taking up all your attention so you can't greet other customers.
How do you defend yourself?
Simply put, you can't. If it looks like a duck, talks like a duck, and walks like a duck, then you're going to think it's a duck. You're going to treat them like just another customer, which they are. The difference is they just loiter around and don't buy anything so you're wasting time and energy greeting them.
Can DoS be used to steal information?
No. Contrary to popular belief, DDoS cannot steal information. DDoS is an attack; they're not after your passwords, they just want to shut you down. Stealing information from a server requires real hacking and that's way too advanced for this tutorial.
I'm getting attacked! What can I do?
1. Your simplest option is to close down your site and hope they move on to the next poor sap.
2. You could attempt to block their IP addresses but any hacker worth his salt knows how to bypass IP checks.
3. Make your site a members-only party where only VIPs get access. This option blocks most DDoS attacks but also legitimate users.
4. Your last resort is to get bigger or more servers. This is a situation where size does mean everything. Like in war, the one with the bigger gun always wins. If they send 10 million attacks your way, get a server that can hold 100 million. This option will always work but it could get expensive.
What is the difference between DoS and DDoS?
DDoS stands for distributed denial of service attack. It is a lot of DoS from different sources attacking you at once. It's an ambush where there are 50 of them attacking 1 of you. Neo survived worse odds against the Smiths in Matrix Revolutions so maybe you can too...
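To see why blocking IP addresses (option 2 above) can help against a single-source DoS but does little against a DDoS, here is an added example that is not part of the original lesson. The traffic is constructed sample data, and the function names and the two limits (`per_ip_limit`, `site_limit`) are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

def make_sample(kind):
    """Build constructed (timestamp_seconds, source_ip) events; not real traffic."""
    if kind == "dos":
        # One source sends 500 requests in the same second.
        flood = [(0, "203.0.113.7")] * 500
    else:
        # "ddos": 100 different sources send 5 requests each in the same second.
        flood = [(0, f"198.51.100.{i}") for i in range(100) for _ in range(5)]
    normal = [(0, f"192.0.2.{i}") for i in range(20)]  # 20 ordinary visitors
    return flood + normal

def analyze(events, per_ip_limit=50, site_limit=200):
    """For each one-second bucket, list IPs over per_ip_limit and check whether
    the site is still over site_limit after those IPs are blocked."""
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts][ip] += 1
    report = {}
    for ts, counts in buckets.items():
        noisy = sorted(ip for ip, n in counts.items() if n > per_ip_limit)
        total = sum(counts.values())
        blocked = sum(counts[ip] for ip in noisy)
        report[ts] = {
            "noisy_ips": noisy,          # candidates for an IP block
            "total": total,              # all requests seen in this second
            "overloaded_after_block": total - blocked > site_limit,
        }
    return report

if __name__ == "__main__":
    for kind in ("dos", "ddos"):
        print(kind, analyze(make_sample(kind))[0])
```

Both samples carry the same 520 requests in one second. In the DoS case one address stands out and blocking it brings the load back under the limit; in the DDoS case no single address crosses the per-IP limit, so there is nothing to block and the site stays overloaded.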
And that's all for today. You have to weigh the benefits and risks of allowing others to use your services. Remember that when you open to the general public, it is open to abuse, but if you make it private, then you will be closed to a lot of potential customers.