Small Business Attack – Denial of Service
- At March 25, 2009
- By Josh More
- In Business Security
- 2
You get the call from your front-line people. Your web site is down and customers are complaining. You call your web folks and they can’t even get to the server. Then, your front-line people call you again and report that the entire Internet connection is down. You call your ISP, and they tell you that your line is up, but you’re getting a lot of traffic.
Their solution? Buy more bandwidth.
In fact, if you buy right now, you might even have it in a few weeks.
What has happened is a distributed denial of service attack. In this attack, the attackers leverage hundreds of thousands of machines and send traffic to a target. In this case, to your server. As it starts, people start to have problems with the web server. Pages will load erratically, customers will experience slowness and the server may start to reboot itself or lock up entirely. However, it doesn’t stop there. The attackers often don’t know when they’re successful, and the traffic just keeps coming. Soon, your Internet connection will fill up and stop responding. If you’re hosting offsite, the line usage may spike and drive you into over-utilization charges. Thus, in addition to losing potential sales for every minute you’re down, you may also be charged for the experience.
So, it sucks to be you, but what does the attacker gain? In the old days (you know, when the hills only went up), this was done out of spite. Someone had taken offense at something you or your company had done, and their solution was to make your life miserable. These days, it’s different.
These days, the attacker may be a competitor or someone hired by a competitor. They may be starting a campaign and want you out of the picture during the process. They may be trying to take one of your biggest clients and want to show that you’re unreliable. It may be a criminal organization using such an attack to hide a second, more subtle attack. It may be an employee that simply wants a day off.
In any of these cases, what are you going to do about it?
Matt
You might want to remove your valid xhtml tags from the bottom of your pages…the current one has 32 errors and 10 warnings…another page i checked had 2 errors…tisk tisk
Josh
You are quite right to tisk me.
What happened was that I migrated my old site over to Joomla and WordPress. At initial launch, both of them were properly standards-compliant, but as updates were applied and different modules/extensions changed, it drifted from that. I realized this a few months back, but was working on a site redesign, so I figured that I could just handle it then.
However, you’re right, I should remove at least those tags now.
They’re gone. Thanks for letting me know.