Most of us who spend a significant amount of time on the internet realize that we need some level of antivirus protection to protect our personal files and details. Of course, there are those who totally disregard that notion, hiding behind the defense of, “it’ll never happen to me.” Next thing you know, one of those folks has clicked on a link from an African Prince offering them 10 million dollars, and all is lost. While being hit with a virus at home can be catastrophic, for the most part it simply means having to do a clean install, whilst making sure that all of our family photos are still safely tucked away on a separate disk or flash drive.

The next time you complain about having to disinfect your laptop with a virus removal program, spare a thought for the online business whose entire website can be taken down by a distributed denial-of-service (DDoS) attack, the goal of which is to shut that business down for the foreseeable future. While most attacks are aimed at financial institutions and big-name corporations, it’s not entirely uncommon for a disgruntled computer geek to want to shut down a gaming or entertainment site, just to show that they can.

The only thing more frightening than a DDoS is the number of ways in which it can be achieved. Those range from sending huge packets of information to the server so that it overloads and is unable to handle requests from legitimate visitors, to infecting the network with malware, effectively poisoning everything it touches. That’s really just scratching the surface of the methods that attackers use, without even mentioning the creepier-sounding ones, such as SYN Flood and R-U-Dead-Yet? A simple antivirus isn’t enough to keep attackers at bay, and trying to use the same software we use at home would be the equivalent of putting a 2-foot-high fence around Fort Knox.

This may be why many big corporations, and even some small businesses, are protecting their domains by employing a professional DDoS protection company that can recognize potential attacks before they have a chance to take hold. A large part of that protection revolves around creating what’s known as attack bandwidth, which is basically enough capacity to handle the massive amounts of information that are sent during a DDoS attack. This gives the pros ample time to stop it, usually in a matter of minutes, before it’s allowed to bring your website down.
It’s estimated that billions of dollars per year are lost due to DDoS attacks, and while you may think your company is safe from such nonsense, do you really want to end up like the poor fellow who clicks that infected link without any form of PC protection?

You cannot control a DDoS attack or predict when it will happen, but you can prepare your IT infrastructure to prevent a DDoS attack from harming your business.


Safeguarding against DDoS involves the use of stateful firewalls, which can be configured to block unused protocols and inspect TCP packets for validity. Proper ACLs (Access Control Lists) can be configured at switch and router level, and advanced features such as deep packet inspection, rate limiting, bandwidth shaping and bogus IP filtering can be used to prevent DDoS attacks. An IPS (Intrusion Prevention System) should also be implemented as an additional safeguard. The operating systems running on the servers and the business applications should be updated at regular intervals to patch any known security bugs, and unused ports and services should be blocked or stopped (generally known as server hardening). Furthermore, the network and server logs should be monitored regularly for suspicious activity.
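To make two of the controls named above concrete, here is an added example (not part of the original article) of bogus IP filtering followed by per-source rate limiting with a token bucket. The class and function names, the abbreviated bogon list and the sample traffic are assumptions made for illustration.

```python
import ipaddress

# Abbreviated bogon list (assumption for this example): source ranges that
# should never arrive on an internet-facing interface. The RFC 5737
# documentation ranges are left out so they can stand in for public sources.
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


class EdgeFilter:
    """Bogon check followed by a per-source token bucket."""

    def __init__(self, rate_per_sec, burst):
        self.rate = float(rate_per_sec)   # tokens refilled per second
        self.burst = float(burst)         # bucket capacity
        self.buckets = {}                 # src -> (tokens, last timestamp)

    def decide(self, src, now):
        ip = ipaddress.ip_address(src)
        if any(ip in net for net in BOGONS):
            return "drop-bogon"
        tokens, last = self.buckets.get(src, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens < 1.0:
            self.buckets[src] = (tokens, now)
            return "drop-rate"
        self.buckets[src] = (tokens - 1.0, now)
        return "accept"


def run(packets, rate_per_sec=1, burst=5):
    """Return a count of each verdict for (timestamp, source) pairs."""
    f = EdgeFilter(rate_per_sec, burst)
    counts = {"accept": 0, "drop-rate": 0, "drop-bogon": 0}
    for ts, src in packets:
        counts[f.decide(src, ts)] += 1
    return counts


# Constructed sample traffic: one ordinary client (one packet per second),
# one source sending 100 packets in a second, and one private source address.
SAMPLE = ([(t * 1.0, "198.51.100.7") for t in range(5)]
          + [(i * 0.01, "203.0.113.50") for i in range(100)]
          + [(0.5, "10.1.2.3")])
SAMPLE.sort()

if __name__ == "__main__":
    print(run(SAMPLE))
```

The ordinary client is never throttled, while the noisy source gets its burst allowance and is then dropped until its bucket refills.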


The good news is that you don’t have to do any of the above yourself, as hosting providers these days have become aware of the perils of DDoS attacks and how they can harm their own and their clients' business. They have geared up accordingly and offer a number of DDoS protected hosting plans to their customers. So always ensure that you opt for a DDoS protected hosting plan if you want to earn the trust of your users, protect your reputation and keep your business running uninterrupted 24x7.

A DDoS attack causes inconvenience to the end user. While a DDoS attack is in progress, the genuine end users of the service get a very slow response or no response at all.
If your server has crashed, the result is undesirable downtime, as system administrators have to take corrective action to restore your server and the business applications it runs.


The real long-term impact of DDoS is on the people offering the service. For example, if you are running an e-store on a server without DDoS protection, the users who were shopping at the time the DDoS attack was launched will be unable to complete their transactions. Any new users coming to the website will think that the site is too slow and will go elsewhere. This directly results in loss of revenue.


After news of a DDoS attack breaks, current users worry whether their important personal data, such as login IDs, passwords and credit card information, has been stolen. Users start questioning whether you can protect the information stored on your servers. This leads to a lack of trust in your website and the services it offers, and it hurts your hard-earned reputation. A damaged reputation can have catastrophic results for your business, as end users' trust, once lost, is difficult to earn back.

A distributed denial-of-service attack, commonly referred to as a DDoS attack, happens when a single target, generally a server, is attacked by a network of bots (compromised computers), causing a denial of service for the users of that system or server.

In a DDoS attack, a malicious hacker / cracker breaks into and compromises other users’ computers and installs malware on the compromised systems without the users’ knowledge. When many such systems have been compromised, the malicious hacker / cracker remotely uses a single system (known as the ‘DDoS master’) to send commands to control the compromised computers (known as ‘bots’). The network of bots is known as a ‘botnet’ or ‘zombie army’.

The malicious hacker / cracker then commands many ‘bots’ to send ping requests, fake TCP connection requests or bogus service requests to the target server. As the number of bogus requests increases, it takes a toll on the network bandwidth and the available server resources (such as CPU cycles or the maximum number of permitted TCP sessions) at the target’s end. Not only is the network bandwidth hogged, but the server also slows to a crawl or crashes. Thus, the genuine users get a very slow response or no response from the target server, i.e. they are denied the service they are entitled to; hence the term ‘denial-of-service’.
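From the defender's side, the fake TCP connection requests described above show up as connections that are opened but never completed. The following added example (not part of the original article) counts such half-open connections and raises an alert when they exceed a threshold, even though no single source sends more than one request. The event format, function name, thresholds and sample data are assumptions made for illustration.

```python
def scan(events, timeout=3.0, threshold=50):
    """Track half-open TCP connections; return (first_alert, peak_count)."""
    half_open = {}   # (src, sport) -> time the SYN was seen
    alert, peak = None, 0
    for ts, src, sport, flag in sorted(events):
        # Drop entries older than the server's handshake timeout.
        for key in [k for k, t0 in half_open.items() if ts - t0 > timeout]:
            del half_open[key]
        if flag == "SYN":
            half_open[(src, sport)] = ts
        elif flag == "ACK":          # handshake completed by the client
            half_open.pop((src, sport), None)
        peak = max(peak, len(half_open))
        if alert is None and len(half_open) > threshold:
            alert = {"time": ts, "half_open": len(half_open),
                     "sources": len({s for s, _ in half_open})}
    return alert, peak


# Constructed sample: 20 clients that each complete the handshake ...
LEGIT = []
for i in range(20):
    src = "198.51.100.%d" % (i + 1)
    LEGIT += [(i * 0.1, src, 50000 + i, "SYN"),
              (i * 0.1 + 0.05, src, 50000 + i, "ACK")]

# ... and 200 distinct sources that each send one SYN and never answer.
FLOOD = [(2.0 + i * 0.005, "203.0.113.%d" % (i + 1), 40000 + i, "SYN")
         for i in range(200)]

if __name__ == "__main__":
    print(scan(LEGIT))           # normal traffic: no alert
    print(scan(LEGIT + FLOOD))   # alert once half-open entries pass 50
```

Because every source in the flood sends only one request, a per-source limit alone would not trigger here; the aggregate count of unfinished handshakes is the signal.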