Most of us who spend a significant amount of time on the internet realize that we need some level of antivirus protection to protect our personal files and details. Of course, there are those who totally disregard that notion, hiding behind the defense of, “it’ll never happen to me.” Next thing you know, one of those folks has clicked on a link from an African Prince offering them 10 million dollars, and all is lost. While being hit with a virus at home can be catastrophic, for the most part it simply means having to do a clean install, whilst making sure that all of our family photos are still safely tucked away on a separate disk or flash drive.
The next time you complain about having to disinfect your laptop with a virus removal program, spare a thought for the online business whose entire website can be taken down by a distributed denial-of-service (DDoS) attack, with the goal being to shut down that business for the foreseeable future. While most attacks are aimed at financial institutions and big name corporations, it’s not entirely uncommon for a disgruntled computer geek to want to shut down a gaming or entertainment site, just to show that they can.
The only thing more frightening than a DDoS is the number of ways in which it can be achieved. Those range from sending huge packets of information to the server so that it overloads and is unable to handle requests from legitimate visitors, to infecting the network with malware, effectively poisoning everything it touches. That’s just scraping the surface of the methods that attackers use to get in, without even mentioning the more creepy sounding methods, such as SYN Flood and R-U-Dead Yet? A simple antivirus isn’t enough to keep attackers at bay, and trying to use the same software we use at home would be the equivalent of putting a 2-foot-high fence around Fort Knox.
This may be why many big corporations, and even some small businesses, are protecting their domains by employing a professional DDoS protection company that can recognize potential attacks before they have a chance to take hold. A large part of that protection revolves around creating what’s known as attack bandwidth, which is basically enough storage space to handle the massive amounts of information that are sent during a DDoS attack. This gives the pros ample time to stop it, usually in a matter of minutes, before it’s allowed to bring your website down.

It’s estimated that billions of dollars per year are lost due to DDoS attacks, and while you may think your company is safe from such nonsense, do you really want to end up like the poor fellow who clicks that infected link without any form of PC protection?
You cannot control a DDoS attack or predict when it will happen, but you can prepare your IT infrastructure to prevent a DDoS attack from harming your business.
Safeguarding against DDoS involves the use of stateful firewalls, which can be configured to block unused protocols and inspect TCP packets for validity. Proper ACLs (Access Control Lists) can be configured at switch and router level, and advanced features such as deep packet inspection, rate limiting, bandwidth shaping and bogus IP filtering can be used to prevent DDoS attacks. An IPS (Intrusion Prevention System) should also be implemented as an additional safeguard against DDoS attacks. The operating systems running on the servers and the business applications should be updated at regular intervals to patch any known security bugs; unused ports should be blocked and unused services stopped (generally known as server hardening). Furthermore, the network and server logs should be monitored regularly for suspicious activity.
The good news is that you don’t have to do any of the above yourself, as hosting providers these days have become aware of the perils of DDoS attacks and how they can harm their own and their clients' business. They have already geared up for this and offer a number of DDoS protected hosting plans to their customers. So always ensure that you opt for a DDoS protected hosting plan if you want to earn the trust of your users, protect your reputation and keep your business running uninterrupted 24x7.
A DDoS attack causes inconvenience to the end user. While a DDoS attack is in progress, the genuine end users of the service get a very slow response or no response at all. If your server has crashed, it results in undesirable downtime, as system administrators have to take corrective action to restore your server and the business applications it runs.
The real long term impact of DDoS is on the people offering the service. For example, if you are running an e-store on a server without DDoS protection, the users who were shopping at the time the DDoS attack was launched will be unable to complete their transactions. Any new users coming to the website will think that the site is too slow and will go elsewhere. This directly results in loss of revenue.
After news of a DDoS attack breaks, current users worry whether their important personal data, such as login IDs, passwords and credit card information, has been stolen. Users start questioning whether you can protect their information stored on your servers. This leads to a lack of trust in your website and the services it offers, and it hurts your hard earned reputation. A damaged reputation can have catastrophic results for your business, as end users’ trust, once lost, is difficult to earn back.
A distributed denial-of-service attack, commonly referred to as a DDoS attack, happens when a single target, generally a server, is attacked by a network of bots (compromised computers), causing a denial of service for the users of that system or server.
In a DDoS attack, a malicious hacker / cracker hacks into and compromises other users’ computers and installs malware on the compromised systems without the users’ knowledge. When many such systems have been compromised, the malicious hacker / cracker remotely uses a single system (known as the ‘DDoS master’) to send commands to control the compromised computers (known as ‘bots’). The network of bots is known as a ‘botnet’ or ‘zombie army’.
The malicious hacker / cracker then commands many ‘bots’ to send ping requests, fake TCP connection requests or bogus service requests to the target server. As the number of bogus requests increases, it takes a toll on the network bandwidth and the available server resources (such as CPU cycles or the maximum number of permitted TCP sessions) at the target’s end. This not only hogs the network bandwidth; the server also slows down to a crawl or crashes. Thus, the genuine users get a very slow response or no response from the target server, i.e. they are denied the service they are entitled to; hence the term ‘denial-of-service’.
New EU Hosting
April 02, 2011 -
Posted by Administrator
in Blog
HostingRQ.com is proud to announce we are now offering hosting located in the EU for those with a visitor base mainly in the Western Europe area. The servers are located in Frankfurt, Germany. Plans will be a bit different as the bandwidth and hardware setups are different. Later today the plans will be posted on the site. If you are interested in EU hosting before then, please contact us on livechat or at support@hostingrq.com
Hi Folks,
Since our opening we have worked hard to earn your satisfaction with our product.
I'm glad to let you know that we are soon opening in Europe. One of our quad core servers is on the way to the data center.
We will give you more information later this week when the server is ready.
Thanks,
Quentin - Your General Administrator.
We are pleased to announce that we have implemented a new webserver system using nginx + apache + suphp which works right along with the cloudlinux system. The reason for us getting away from litespeed is simple. It has had a bad history of very serious security issues and vulnerabilities, some of which were never really fixed but were just rigged to make it work instead of fixing the underlying code. An example of this is the null byte exploit which was discovered by some kid hacking group back in 2007. The exploit was disclosed as soon as it was found and was supposed to be fixed. Then in mid 2010 there was a similar null byte exploit which did the same exact thing. Instead of fixing the code causing the null byte exploit they simply put in a request filter which, as you can see, was easily bypassed with the recent exploit. The new fix is no doubt another request filter instead of a real fix.
Then there were the buffer overflow exploits. During that time I was sending the head guy over there, George, warnings and logs concerning this daily, and he never took it seriously until it was released in some defacer/hacker circles and everyone with litespeed started getting hacked. Since there was no public disclosure about this I am not really convinced that it was ever fixed, and if it was, the fix was simply another request filter.
A request filter for litespeed is like mod_security rules for apache. What mod_security rules do is protect weak scripts from known and unknown exploits, but the vast majority of rules are only for known exploits, as it is hard to make generic filters for mod_security without blocking some legit scripts. Litespeed may have been a fast and efficient server but it was definitely not without its flaws, not counting security issues.
Then there are the support issues with Litespeed Tech. I have set up many clients and have used it extensively myself, so occasionally I had to contact them regarding problems I couldn't solve right away. Usually it was a bug in the software. But anyway, for the first year and a half everything was great; I got fast responses and lots of help from them. Eventually though neither I nor any of the clients I had set up with them could get any support answers at all. Usually they would send off an email to their support, wait 12-24 and see no response, then end up emailing them again only to get some rude and hateful response that their support is not free and costs money. And the times we needed them were for issues where we had exhausted all means to try and figure it out, so of course I and some of the clients had sent replies to those "pay us or go away" emails with "yes we know, how much and when can you fix" only not to receive any replies at all past that, with all future emails being ignored. What I found funny was that during these times of non-response, if we sent an email from another address/domain asking about sales options we would receive a nearly instant reply. So their support had become very very poor; the only response I and nearly everyone else I know got was the one about support costing money and that was it. We had even sent emails later on saying "yes we know support costs money, please fix this and bill us" only for those to be ignored as well. So either they just got too busy for their own good or they don't even know how to support it. Who knows?
But support and documentation is a very important thing for such a critical software, support was non-existent and documents were ok but there are just still bugs in it, unexplained behavior and knowing that there are still security issues for it. We had been looking for an alternative for quite some time now but only recently was able to implement it. We are glad we did and hope more people will not support such software in this age of open source and community driven software.
So in the past few months I have been trying to find a viable alternative to work with our hosting platform, control panel and secure/anti-ddos environment. Something that reads apache .htaccess syntax and generally plays well with cpanel. What we found was nginxcp, which uses nginx as a frontend/proxy and handles all static requests, passing all other requests, such as dynamic requests (php, cgi, etc.), to apache. So in reality all apache is doing is processing rewrite rules and processing the suphp external app. This way apache does little and is not vulnerable to the same denial of service it has always been. Apache is not a great web server for high traffic environments or ddos with a default config; however, with the current config we have worked out and everything else we have in front, it all works nicely.
Pages are served fast, ddos and malicious requests are handled well, and with cloudlinux users cannot affect one another with resource hogging or fork bombing. So in a nutshell, we have abandoned litespeed and gone to open source alternatives. We have had some kinks here and there trying to get fastcgi working well but ended up just going with suphp, which should work just as well.
So our new setup, and the other setups I'll be doing for hosting servers, is:
- Cpanel/WHM
- Cloudlinux
- Nginxcp
- Apache 2.2.17
- Php 5.2.16 running as fastcgi
And all the other stuff regarding security and such. Overall this is great setup to isolate users and prevent one from bombing the server. More updates on this to come.
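The layout described in this post, nginx in front answering static requests and passing everything else to Apache, sketched as an nginx configuration with per-IP rate and connection limits added. This is an added example, not HostingRQ's or nginxcp's own configuration; the backend address 127.0.0.1:8081, the example.com name and docroot, and every limit and timeout value are assumptions.

```nginx
# Added illustration only; not HostingRQ's or nginxcp's real configuration.
# Assumptions: Apache on 127.0.0.1:8081, example.com docroot, all limit values.
events { worker_connections 1024; }

http {
    # Track request rate and open connections per client IP.
    limit_req_zone  $binary_remote_addr zone=per_ip_req:10m rate=10r/s;
    limit_conn_zone $binary_remote_addr zone=per_ip_conn:10m;
    limit_req_status  429;
    limit_conn_status 429;

    # Free up slots held by clients that connect but send data very slowly.
    client_header_timeout 10s;
    client_body_timeout   10s;
    send_timeout          10s;
    keepalive_timeout     15s;
    client_max_body_size  8m;

    server {
        listen 80;
        server_name example.com;
        root /home/example/public_html;

        limit_conn per_ip_conn 20;

        # Headers Apache needs to log and act on the real client address.
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # Static files: nginx answers from disk; Apache is only a fallback.
        location ~* \.(?:jpe?g|gif|png|ico|css|js|txt)$ {
            expires 7d;
            try_files $uri @apache;
        }

        # Dynamic requests (PHP, CGI, .htaccess rewrites): rate limit, then Apache.
        location / {
            limit_req zone=per_ip_req burst=20 nodelay;
            proxy_pass http://127.0.0.1:8081;
        }

        location @apache {
            limit_req zone=per_ip_req burst=20 nodelay;
            proxy_pass http://127.0.0.1:8081;
        }
    }
}
```

In this layout Apache should listen only on the loopback address; if the backend port is reachable from the internet, requests sent straight to it skip every limit configured in front of it.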
We at HostingRQ are now offering server management services for our clients or external clients. If you need a reliable admin who you can work with one on one then we have the service for you. Specializing in high stress/high traffic environments but no job is too big or small. We can do setups, security, litespeed/lighttpd/nginx replacements and conversions, ddos mitigation/hardening and much more.
If you are looking for a professional admin based in the US that you do not have to play ticket tag with or get caught in an endless support fiasco then look no further. HostingRQ management services can do any job right the first time. Prompt and personal support via instant messenger, ticket, email and phone for emergencies 24/7 on call.
Our Server Management Monthly Plans
To inquire about a one time job or custom setup Contact Us
Hi Folks,
We are glad to announce a great January: we are now offering a crazy discount; all of these packages will come with a 50% discount:
- Shared Package
- Reseller Package
- DDos Package
Use the coupon code: RQH - this promotion will stop at the end of this month, don't miss your chance - stop playing around, be with us!
HostingRQ Team.
Hi Folks,
Yesterday (01/01/2011) we had a major issue on our primary server. A primary hard drive failed, which caused downtime. We have been working hard with the data center to get a replacement shortly.
After we checked our daily backup and verified the integrity of the backup data, we performed an OS reload and restored all of the files.
Since we have restored all the accounts, you may have an ISP propagation problem; the propagation can take more than 12 hours.
We are pleased to offer you 10% discount next month on your reseller/shared hosting for the downtime,
Just email the sales team at: sales@hostingRQ.com
Again, we are sorry for the inconvenience and we would like to thank you for your patience.
Warm Regards,
Admin Team.