Monthly Archives: May 2013

Distributed Denial of Service Attacks back again. Websites not actually down.

Distributed Denial of Service Attacks back again. Websites not actually down.

My understanding of a DDOS attack and why Your website is not actually down.

These attacks that are thrust upon us and which we find to be so frustrating are more or less a result of our own lack of proper or working security systems on our home computers.

There are hackers out there with nothing better to do than search the internet for home and other computers that are not well protected when they are online. Mostly these hackers access these vulnerable computers and upload a small program to the computer that allows them to take control of your unprotected computers.

At that point they are able to whatever they want on your computers. However it is most beneficial to the hackers to try and remain undetected so that they can use your computer more often to do what they want the computer to do. More often than not they use your computers as bots to be used in password attacks on websites and in Denial of Service DOS attacks on sites.

DOS attacks send contact requests to a website at high speed. This then prevents regular visitors breaking into the queue and hence your websites appear to be down to the genuine visitor.

Now imagine a hacker who has control of 90,000 computers. With a few strokes on a keyboard he is able to direct that group of computers to attack all sites on a server or a server farm (Data Center)

Recently authorities were able to arrest one such hacker/controller who was using a mobile control center. It took some time to locate the offender on that occasion. It wouldn’t surprise me that the current spate of DDOS attacks also has a mobile control center and may take some time time to be shut down.

It may difficult for some to conceive the way this is being done.

I would like to take this opportunity to point out that with this type of attack on your web servers or web sites is not restricted to your current hosting service. Servers everywhere are being attacked. Shifting your sites to a different server service is not going to provide you with a better service. There are so many DDOS attacks that Service providers everywhere are learning to cope when an attack hits their servers. You should remember that each new attack has a different signature and it takes some time for the server operator to work out how to redirect each DDOS hit to a safe location and at the same time allow normal traffic through to the requested sites.

I was on a server farm that decided not to inform users of the reason for site outages and moved my own accounts, to a more secure server away from a shared server environment where hackers could take over every account on a server once they managed to break poor security on someone’s site.

I now notice that people who once worked with servers in the IT industry, are starting their own server services. It would pay you to remember that these people have been away from the industry for some time. They have absolutely no experience that will help them cope in the instance of a DDOS on their server, by over 90,000 bots. Better the devil you know then the devil you don’t know.

I hope that this may help some of you. I myself use two hosting services MMT and my own Hosting Service.

Yes I am a hosting Reseller. I make a profit by selling Dedicated Servers and other hosting services, but the servers are managed by the Data Center providing the service and you will be in direct contact with that management as well as me. And I do care about and for my customers.

Best Wishes

Reg Whelan