Ever wondered what a DDoS (Distributed Denial of Service) attack would look like? Here’s a visual interpretation – created by developer Ludovic Fauvet.
The video above is a representation of an old DDoS attack on VideoLAN’s site. VideoLAN is the team that makes our beloved VLC player. The converging pulses represent traffic, while the spot where they are converging refers to the location of the VLC Media Player executable file. The server was receiving 200 requests every second, at a load of 30GBps. The attack lasted more than 30 hours, and later peaked at 1500 requests per second.
What Is A DDoS Attack?
A DDoS attack is a hugely popular form of attack – hacker group Anonymous is known to use it quite often in its attempt to deliver ‘justice’. It is also among the easiest to perform. Systems send a huge amount of traffic to a website’s server. Since the traffic is too large to handle, the server collapses – and the site is brought down.
A DDoS attack is illegal, of course. It is considered a serious federal crime under the Computer Fraud and Abuse Act of the USA, and even carries a sentence of up to 10 years in the United Kingdom. Interestingly, Anonymous, in January 2013, filed a petition asking for a DDoS attack on a server to be acknowledged as a valid form of protest. The VideoLAN team eventually managed to identify the problem and reconfigured Nginx (their high-performance HTTP server) to tackle the requests. Soon, the site was running even at 400 requests every second.
The video was created using a tool called Logstalgia, which reads page requests and displays them in the way we just saw in the video. Here’s what a typical website’s server activity would look like.
[Image: server activity before a DDoS attack on the website]
How to Prevent
As opposed to the claims of the attackers, a DDoS attack on a website is generally used to destroy the competition or to blackmail the owners for ransom. Whatever the cause, it means total disruption of the website’s servers for hours or even days. This can make the audience stop trusting the website, and the business may lose customers permanently. So, if you own a website and wish to be safe from DDoS attacks, you will need to learn how to stop them. Let us go through some common methods to keep website servers safe.
Firstly, always be prepared with a plan to handle a DDoS attack on the website. Make some ground rules and steps to be followed in case of a DDoS attack. Share this plan with the key stakeholders, staff and other responsible people. The plan should include the responsibilities, a checklist of the software tools to be used, and the list of critical systems and data that need to be protected.
You will need to have a strong security protocol in place for your servers. Make sure that you install a firewall and intrusion detection software on every device connected with the mainframe server. Installing antivirus and anti-spyware software on the server is mandatory too. Make use of network segmentation, which means that the server is divided into subnets so that even in case of a DDoS attack, the whole server is not blocked.
Always be aware of the warning signs that indicate the start of a DDoS attack. As you might have seen in the video, the increase in traffic in every type of DDoS attack has a starting point. Signs like poor connectivity, slow performance, high demand for a single webpage, unusual crashes, and so on, need to be handled properly.
Lastly, make sure that you are continuously monitoring the whole system of devices connected across the mainframe and also the hosted server.
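The warning sign described above, a sudden rise in demand for one page, can be looked for directly in the web server's access log. The following is an added example, not code from the original article or from VideoLAN; the log lines, the /download/vlc.exe path and the threshold of 50 requests per second are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# "combined" access log format: client, timestamp, request line
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" \d{3} ')

def parse(line):
    """Return (client_ip, epoch_second, path), or None for a malformed line."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), int(ts.timestamp()), m.group(3)

def find_flood_start(lines, threshold):
    """For each path, find the first second with more than `threshold` requests.

    Returns {path: (epoch_second, requests_in_that_second, distinct_clients)}.
    """
    counts = defaultdict(Counter)   # path -> {second: request count}
    clients = defaultdict(set)      # (path, second) -> client addresses
    for line in lines:
        rec = parse(line)
        if rec is None:             # skip lines that are not access-log entries
            continue
        ip, sec, path = rec
        counts[path][sec] += 1
        clients[(path, sec)].add(ip)
    alerts = {}
    for path, per_sec in counts.items():
        hot = [s for s, n in per_sec.items() if n > threshold]
        if hot:
            first = min(hot)
            alerts[path] = (first, per_sec[first], len(clients[(path, first)]))
    return alerts

def sample_log():
    """Constructed data (hypothetical path): 3 quiet seconds, then 200 requests/second."""
    fmt = '{ip} - - [01/Jan/2024:12:00:{s:02d} +0000] "GET {p} HTTP/1.1" 200 512 "-" "-"'
    quiet = [fmt.format(ip="192.0.2.10", s=s, p=p)
             for s in range(3) for p in ("/index.html", "/download/vlc.exe")]
    flood = [fmt.format(ip=f"198.51.100.{i + 1}", s=s, p="/download/vlc.exe")
             for s in (3, 4) for i in range(200)]
    return quiet + ["not a log line"] + flood

if __name__ == "__main__":
    for path, (sec, n, ips) in find_flood_start(sample_log(), threshold=50).items():
        print(f"{path}: {n} req/s from {ips} clients starting at {datetime.fromtimestamp(sec)}")
```

In practice the threshold would be set from the site's own normal traffic rather than a fixed number.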
Application layer DDoS attack (it disrupts just an application on the network and not the whole),
Protocol DDoS attack (it attacks the network protocol of a server),
Volumetric DDoS attack (it targets a server’s bandwidth with false requests and blocks the server).
Whatever the type, it is generally carried out for malicious purposes, and you need to make your website and the mainframe server safe against them. Since you now have an idea about what DDoS attacks are, the different types and how to prevent them, you’re well positioned to protect yourself against a DDoS attack.