Denial of service is a form of attack that focuses on bringing a website offline by overwhelming server resources. How it usually works is simple: an attacker sends repeated requests to a website until the server can no longer respond to requests. The result is an exhausted server that eventually goes offline.
Another name for denial of service is a DoS attack. This term covers a broad spectrum of attacks, like the Ping of Death and Teardrop attacks. These attacks work by exploiting an internet protocol that websites and servers use to connect to each other.
The TCP handshake, or 3-way handshake, as it is sometimes called, is used by the Transmission Control Protocol to set up a TCP/IP connection over a network.
It’s basically how your computer is able to display a website when you navigate to it in your browser. It works like this:
That is how the process is supposed to work, but what a denial of service attack does is ignore the SYN-ACK packet. This causes the server to timeout waiting for a response. I’m sure you are familiar with what that would look like. If not, see below:
While this screen does not always mean you are seeing the results of a DoS attack, this is what it looks like. However, not all denial of service attacks achieve this. There are times when an attacker may not be able to generate enough attack strength to send your site offline, but the extra bursts of traffic often lead to degradation of service.
And a slow website is no good for anyone, especially your site visitors.
DoS Attacks Are Not As Effective As They Once Were
Denial of service does not quite give the same results it once did. Early attacks were able to knock sites offline, but most of these vulnerabilities were corrected. Most denial of service attacks are not powerful enough to knock a website offline. It’s for this reason that distributed denial of service (DDoS) has taken center stage, along with botnets and the hackers controlling them.
How To Protect Yourself From Denial Of Service (Dos) Attacks
There are a many things you can do to prevent denial of service attacks against your website. Here is a quick list:
- Maintain a firewall
- Disable unused networks
- Utilize router filtering
- Monitor for DoS attacks
It should also be noted that you should establish a baseline for your website traffic. Once you have this number you can use it to watch for unusual activity.