In simple terms, a DoS attack is a type of malicious activity aimed at crashing a computer system so that it cannot serve users or properly perform its functions. A Denial-of-Service state is usually caused by software errors and excessive network or system load. As a result, software or the entire operating system is damaged, which threatens to cause downtime and loss of visitors. Remote DoS attacks are divided into two types:
- Remote exploitation of software bugs to make a program inoperable.
- Flood (the victim receives a huge number of meaningless packets, which lets the attacker occupy the communication channel or the machine's resources).
As a result of such attacks, the server spends all its resources processing the attacker's requests, and the rest of the users have to wait. DoS attacks are so dangerous mostly because of their absolute transparency and 'normality', as the loss of resources is a commonplace phenomenon.
A Distributed Denial-of-Service (DDoS) attack is usually carried out by a large number of manipulated hosts; it can crash even the most resilient server, and the only effective protection is a well-organized distributed system of servers. But this is not affordable for an average user. This article provides some universal server security tips:
- All servers with direct network access should be prepared for a fast remote reboot. An alternative network interface is also a great advantage.
- Software used on the server should always be kept up to date. All bugs should be patched, and all updates should be installed promptly. This will protect your server from DoS attacks that exploit service bugs.
- Every network service designed for administrative use should be hidden from strangers with a firewall. In that case the attacker will not be able to use those network services to carry out a DoS or brute-force attack.
- Use a traffic analysis system, which lets you discover an attack in time and take preventive measures to ensure server safety.
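As an illustration of the traffic analysis tip, the following added example (not part of the original article) counts requests per source in a sliding time window over web access log lines and reports sources that exceed a limit. The Common Log Format input, the function names, the 10-second window, the 20-request limit and the sample addresses are all assumptions chosen for the example; lines are assumed to be in chronological order, as in an append-only log.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common Log Format prefix: client address, two fields, bracketed timestamp.
LINE_RE = re.compile(r"^(\S+) \S+ \S+ \[([^\]]+)\]")
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def find_flood_sources(lines, window_seconds=10, max_requests=20):
    """Map each source to the first time it exceeded max_requests per window."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # source -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not match the expected prefix
        src, ts = m.group(1), datetime.strptime(m.group(2), TS_FMT)
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:  # drop requests older than the window
            q.popleft()
        if len(q) > max_requests and src not in flagged:
            flagged[src] = ts
    return flagged

def sample_log():
    """Constructed sample: one ordinary client, one flooding client."""
    base = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    lines = []
    for i in range(12):  # 192.0.2.10: one request every 5 seconds
        t = (base + timedelta(seconds=5 * i)).strftime(TS_FMT)
        lines.append(f'192.0.2.10 - - [{t}] "GET / HTTP/1.1" 200 512')
    for i in range(30):  # 198.51.100.7: 10 requests per second for 3 seconds
        t = (base + timedelta(seconds=30 + i // 10)).strftime(TS_FMT)
        lines.append(f'198.51.100.7 - - [{t}] "GET /search HTTP/1.1" 200 512')
    lines.append("truncated line without a timestamp")
    return lines

if __name__ == "__main__":
    for src, when in find_flood_sources(sample_log()).items():
        print(f"{src} exceeded the limit at {when.isoformat()}")
```

A per-source limit does not catch a distributed flood in which every host stays under the threshold; tracking the aggregate request rate with the same window logic covers that case.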