Saturday, June 7, 2014

Defending against Denial of Service Attacks

The Denial of service attack, also known as DoS, is one of the most common attacks on the internet so it is important that you understand how it works and know how to defend against them.

The Denial of service attack is any attack that has a goal to deprive you the use of your computer system or network.  It is not a hacker trying to infiltrate, break into, your system to critical information.  Instead, its goal is to prevent users from having access to your system.  This could mean a loss of millions of dollars to a business.

The thing is, DoS attacks are rather easy to perpetrate.  They can even be downloaded from the internet and put into action by amatuers.  The key is not the ease of launching a DoS is covering tracks and not getting caught.

The concept of the DoS is that all devices has operational limits to their capacity to perform.  These are composed of such things as the maximum numbers of users, the speed of data transmission, or the amount of data that can be stored. Exceeding limits such as these will cause the system to stop responding.

One example of a type of DoS attack is called the SYN Flood.  The SYN flood consists of simply sending a flood of "pings" or connection requests very rapidly and then fail to respond to the expected reply that is sent as a result of them (more to the attack than this bu,t a little complicated to explain here). In other words the attacker requests a connection to your system, then never follows up with the rest of the connection sequence.  This leaves the connection to your system "half open" and the buffer memory allocated to the system reserved and not available to other applications...or people trying to connect. They SYN Flood is a primative method of causing a DoS, but makes my point.

Their is no guaranteed way to prevent DoS attacks, however there are steps you can take to minimize the danger.  The defenses fall into two catagories, technical and procedural.  Technical defenses are those items you can install on your system to make it safer.  These include such things as antivirus software, micro blocks, RST cookies, and stack tweaking.  Procedural defenses include such things as modifying your system usage behavior as related to security measures.  Things like not downloading suspicious files that might have DoS software inbedded and not opening unverified attachments.

It should be obvious that protecting your system is critical, and you must do what you can to deny...a denial of service.


No comments:

Post a Comment