Server Attacks: Prevention, Protection and Survival for Your Online Business
If you’re the owner of an online business, you’re fully aware of the unique problems that can, and often do, arise as a result of being so closely tied to the Internet. Let’s face it. You are vulnerable. If you’re an online business that’s on the rise, it’s also likely that you will attract some unwanted attention from jealous competitors who are operating in low form. Such low form that they will do anything to completely wipe you off the map. This even includes attacking your server! Throughout this article, I will explain two different kinds of server attacks, how they happen, how to prevent them and stay fully protected, and other essentials for the survival of your online business.
What is a DoS Attack?
We’re almost certain that each and every one of you have experienced a stuck or slow computer. Most of the time, it’s the result of a lack of resources such as Memory or CPU. Of course, your laptop will slow down if you have multiple pages and programs running at once. A DoS (Denial-of-Service) attack, however, opens multiple connections to a server from a single location. Each and every connection eats up some of your server’s resources.
We all know how frustrating a slow loading page can be. The aim of a DoS attack is to eat up the server’s resources and make the server so slow that people bounce off your site. If your attacker is successful enough, the server may even become unavailable and will not serve others, including visitors to your site.
When attacking your server, the attacker must have more resources than the destination server – your server. These resources include more Memory, more CPU and most importantly, more Internet Bandwidth. If your server is more powerful, the attack will have very little impact on your business. In fact, you may not even realize an attack has occurred. This is most likely the case for many online business owners.
What is a DDoS Attack?
A DDoS (Distributed-Denial-of-Service) attack opens multiple connections to a server from multiple locations. Basically, it is a series of DoS attacks from different locations. Unfortunately, if your attacker has a wide network, your business will probably not survive this kind of attack. There are millions of zombie servers controlled by attackers around the world and they each have some kind of software running on them which attack servers.
How Does a Server Attack Differ from Hacking?
Hacking occurs when the attacker partially accesses your server, your files and your operating system. If there’s no vulnerability on your software and you cannot be tricked into giving your password (social engineering), you will not be affected by a hacking attempt. Keep in mind, however, that any server on the Internet is vulnerable to a DDoS attack.
Why Don’t Google, Facebook and Microsoft Ever Get Attacked?
Well, actually, they do, all the time! They are probably even being attacked right now while you are reading my article! However, they are not as vulnerable as other businesses because they have a wide ranging network with extremely high bandwidth and a high volume of servers. As previously mentioned, for an attack to make your server(s) unavailable, the attacker’s resources should be larger than yours. And c’mon, really… who has more resources than Google, Facebook and Microsoft? Even if there are certain companies attempting to attack these Big Businesses, they must remain anonymous and not use company resources because of the threat of potential for lawsuits if they are discovered.
Computer Viruses are the main reason
If you’ve owned a computer for more than a few years, odds are that you’ve already experienced a nasty virus at least once, and felt your computer slow down as a result. It’s a matter of fact that most viruses slow your computer down. Most of the time, a virus is an application that has been programmed by the controller to attack a server. When your computer is attacked you are most likely being attacked from a regular user’s computer who has no idea they are attacking you.
Why is it Hard to Prevent?
A DoS attack is actually quite easy to prevent. There are software applications that check the number of connections coming from different IP addresses. It will block certain IP addresses if the number of connections reaches or exceeds the set amount. However, DDoS attacks are more difficult to prevent because there are multiple IP addresses being used in the attack, so the number of connections from each IP address may not reach the warning threshold.
Think about the following scenario. Instead of attacking ten servers from ten attacker computers as one to one, the attackers do the attack by mixing the computers as any computer to attack any server randomly but less frequently. Now, instead of ten attacker computers, think about thousands. Opening one single connection from a thousand different servers at the same time to your server will make your server unavailable and you would only see a thousand separate people trying to connect to your online business.
Your system administrator can determine the DoS attacker’s IP address and easily block it. Unfortunately, however, if it is a DDoS attack, there’s no silver bullet for it. First things first… you must analyze the structure of the attack. If there are some servers attacking more frequently, they should be blocked immediately.
If all the connections received are evenly distributed and no single IP address stands out, you should check the data being sent through the connection. You can filter through certain data pertaining to each connection. If nothing stands out and everything looks valid, you may want to check the origins and see if you can find any similarities.
Sometimes attacks will come from a specific country, which means you can block the IP address subnets of those specific countries. Depending on the skill of your security engineer in analyzing the attack, there are other options that can be looked into, but it’s not an easy task.
What if I’m Using Shared-Hostings? Or if Another Company Manages My Server?
Your hosting provider will probably suspend your account so they won’t be affected by the attack because other online businesses may be affected by the attack if it reaches the hosting provider. So if another company is managing your server and you or they are attacked, you better hope that they have an experienced and skilled security engineer.
If you want to run a stable and growing online business, let us help you! Nobody can give you a 100% guarantee against attackers, but we can offer you quality online marketing services with greater stability and resources to efficiently handle your online problems. Contact us today to get started.
Editorial by Lisa Sherman.