Caught in the Line of Fire: DDoS Attacks Against My Webhost
For whatever reason, my Web host has been experiencing Distributed Denial of Service (DDos) attacks. What’s DDoS, you might ask. First, let me explain to you in layman’s term what denial-of-service means. The Internet offers several services- WWW, email, ftp, newsgroup, telnet, p2p among others. These services have corresponding numbers or ports assigned to them. For example, WWW uses port 80, e-mail- port 110 and port 25, ftp- port 21, telnet- port 23, and so on. There are over 65,000 possible ports. The most used service could probably be the World Wide Web. The Web uses HTTP (protocol) and assigned to port 80. A denial-of-service occurs when access to a certain service, such as the WWW is (well, what do you know?) denied. In other words, when we get The connection has timed out messages in our Web browsers while visiting our favorite Web sites, a denial-of-service might have taken place. Of course there are other possibilities, but DoS is certainly one of them.
This is what I’ve experienced yesterday. For more than 4 hours, my blog was inaccessible. It didn’t take long before I found out that all of the other blogs and Web sites in the domain were also down.
My Web host isn’t just experiencing an ongoing DoS attack. Unfortunately, it’s on a larger scale- a DDoS attack. DDoS is different from DoS in that the former makes use of multiple compromised (or infected) computers that are collectively termed as a botnet. Moreover, my Web host may be a victim of a special type of DoS attack termed as pulsing zombie. Wikipedia describes this scenario:
A network is subjected to hostile pinging by different attacker computers over an extended amount of time. This results in a degraded quality of service and increased workload for the network’s resources. This type of attack is more difficult to detect than traditional denial-of-service attacks due to their surreptitious nature.
Denial-of-service attacks are difficult to detect because some occurences may be unintentional, such as the Slashdot or Digg effects. A Web site may also be mentioned in television that’s why there’s a sudden increase in traffic and thus, a heavy load on the Web server is experienced.
Below is a video that demonstrates how a DDoS attack is done. In the video, the attacker used some kind of master program that controls where the zombie or compromised computers should attack. Notice how the target domain became slow and/or inaccessible.
Thousands of sites have been affected yesterday. The issue here isn’t really the service that the Web host is providing, but rather the motive behind these attacks. I believe most of us have been contented with the level of service that this Web host has provided for FREE. What could’ve enraged the attackers? When motives aren’t clear, then I guess conscience should take over.
June 29th, 2007 at 23:16
Dude, that is so pain in the ass. My webhost sometimes really slow and maybe have been affected by this attacks.
June 29th, 2007 at 23:27
My Web host said that it has been happening for 2 days. It’s really difficult to stop these kinds of attacks because you do not know who to stop. The IP addresses are just everywhere.
June 30th, 2007 at 12:52
No wonder, the whole internet was crawling yesterday and I thought it was my connection! Poor Gab must be frustrated the whole of yesterday!
June 30th, 2007 at 22:43
Hmmmm . . . makes you wonder how often this might be going on without many of us noticing (or hearing about it). I, too, sometimes wonder why things are crawling when everything seems to be working just fine.
Isn’t it sad to think that some people have nothing better to do than make the lives of others miserable?
My boss frequently asks me who those SPAMmers and virus writers are. And then you see a news report about an unfortunate kid (frequently a shut-in with some other issues and a ton of parental neglect) who gets arrested for having launched a virus that caused millions of people a lot of grief.
At any rate, Gabriel, I appreciate this very informative article. You rock!
June 30th, 2007 at 23:26
@Karen,
Yeah, I was so frustrated during that time. I was about to post a new article (this one) when suddenly, I couldn’t access my site.
@WebGyver,
Thank you!
Poor kids. If only they knew how time consuming it is to setup a network. I guess we can’t blame them either. After all, this is the price we pay for having this kind of freedom on the Internet. As the old adage goes, you can’t please everyone.
July 1st, 2007 at 22:14
Those kids should be taught that this is not the way to show off their skills. They’re copycat in a sense that they want to show who’s the boss. It is just a waste of time.
July 2nd, 2007 at 22:44
@Syaf,
I agree. However, this isn’t what we see in schools. Punishment is sometimes good, but it isn’t always the solution. Parents have a significant role as well.
When I was a teenager, forbidden was my favorite word. But I was never an outlaw. I was curious about many things but I also knew the difference between right and wrong. Choices should be simple. It’s just that those around us make them complicated.
June 2nd, 2008 at 3:56
I wish things like this would not happen. I mean, is there really any need for people to make these attacks?
June 3rd, 2008 at 1:12
Our competitives are used to ddos our webhosting service.
And many people loose their business cause of that. Thats sad.
June 22nd, 2008 at 6:48
People who DoS attack are really just hacking newbs who get their thrills from doing a low level attack on someone. It just wastes time and money and nothing good comes from it. It sucks when you are on a shared hosting server and it gets dosed because it will effect EVERYONE not just the person who you are trying to attack