A denial of service (DoS) attack is usually hard to differentiate from other regular activities within a computer network. An observed reduction in response time while accessing information from a website or network can be a sign that an attack is being undertaken. Denial of service in computer communication is thus defined as an incident in which a hacker impedes rightful users' access to information and services on a certain website or network. The hacker manages to prevent users from reaching their e-mails, information and online accounts, in addition to other services that depend on the affected section of the network. Almost every computer user is vulnerable to these attacks (US-CERT, 2004). This article centres on understanding denial of service in a computer network or a website and draws out some of the effective ways of preventing such attacks.
The most frequent and noticeable form of DoS attack takes place when a hacker floods a computer network with so much information that its computational capabilities are affected. When a person types the URL (uniform resource locator) of a certain website into his or her browser, a request is sent to the server to allow the person to view information on the site (US-CERT, 2004). If the website is overloaded with such requests, its response will be slow, or it may not be able to process the request at all. This is because the server can only process a definite number of requests at any given time. The user is therefore denied service from the website.
Another common attack that results in denial of service is the use of spam email messages. Every individual with an email account is allocated a particular quota, which bounds the amount of information that a person can have in his or her email account at any particular time (Abliz, 2011). When the attacker sends many email messages to the account, he uses up the quota, thereby preventing the person from receiving genuine email messages.
Due to the recent increase in modern internet viruses, a proportionate number of computers and computer networks have been compromised. As a result, these computers can be used to attack most websites (US-CERT, 2004). Attackers normally end up extorting huge sums of money from legitimate users to cease their attacks.
Types of Denial of Service Attacks
After a client sends a request to the server in a computer network, a session is established between them using the Transmission Control Protocol (TCP). However, only a small buffer space is set aside for the messages used to initiate the session. These are packets of information that include a SYN field, which identifies the sequence in the exchange of messages (Abliz, 2011). In this case, a hacker sends a large number of connection requests and then never replies to complete them. As a result, the initial packet is left in the buffer, preventing other genuine connection requests from being accommodated (Abliz, 2011). Although the packet is eventually dropped, it ends up preventing other rightful users from accessing the information on the website. If this problem occurs, a network administrator can employ local tools to mitigate it. The size of the buffer and the timeout period can be adjusted to minimize the chances of its occurrence.
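The effect of those two settings can be seen in a small model of the connection buffer. This is an added example, not part of the original article; the function names, the traffic rates and the buffer and timeout values are assumptions chosen for illustration.

```python
from collections import deque

def simulate_backlog(backlog_size, timeout_ms, events):
    """Model the buffer that holds half-open sessions.

    events: (time_ms, source, completes) tuples sorted by time, where
    `completes` says whether the client answers the server and finishes
    the session (freeing its slot at once in this simplified model).
    Returns {source: {"accepted": n, "dropped": n}}.
    """
    pending = deque()  # expiry times of half-open entries, oldest first
    stats = {}
    for t, source, completes in events:
        # Entries whose timeout has passed are dropped, freeing slots.
        while pending and pending[0] <= t:
            pending.popleft()
        counts = stats.setdefault(source, {"accepted": 0, "dropped": 0})
        if len(pending) >= backlog_size:
            counts["dropped"] += 1      # buffer full: request is refused
            continue
        counts["accepted"] += 1
        if not completes:
            pending.append(t + timeout_ms)  # slot is held until timeout
    return stats

def constructed_events():
    """Constructed traffic: a silent source sends 20 requests per second
    for 10 s and never replies; a genuine client connects once a second."""
    events = []
    for tick in range(200):             # 200 ticks of 50 ms
        t = tick * 50
        events.append((t, "silent", False))
        if tick % 20 == 10:
            events.append((t, "client", True))
    return events

if __name__ == "__main__":
    for size, timeout in [(128, 30000), (128, 3000), (256, 30000)]:
        result = simulate_backlog(size, timeout, constructed_events())
        print(size, timeout, result["client"])
```

With the long timeout the buffer fills after 128 unanswered requests and the genuine client starts being refused; shortening the timeout or enlarging the buffer keeps slots available for it at this request rate.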
In this type of attack, a hacker targets the manner in which the internet protocol (IP) handles a relatively large packet of information that a router must fragment. An offset is usually identified at the beginning of the first packet, and the fragmented packets are later reassembled on reception (Vacca, 2009). Nevertheless, if the computer on the receiving end does not have an established plan to handle this situation, the overall system can crash, thereby denying its rightful users the required services.
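One form such an established plan can take is a reassembly routine that checks every offset before it copies any data. This is an added example, not part of the original article; it assumes that the unhandled situation is a set of fragments whose offsets overlap, leave gaps or exceed the maximum datagram size, and the function names and sample fragments are constructed for illustration.

```python
MAX_DATAGRAM = 65535  # upper bound on a reassembled IPv4 datagram, in bytes

def reassemble(fragments):
    """Rebuild one datagram from (offset, more_fragments, payload) tuples.

    Offsets are byte positions (IPv4 itself encodes them in 8-byte units).
    Raises ValueError for any set of fragments that is not one consistent
    datagram, so bad input is rejected rather than copied blindly.
    """
    if not fragments:
        raise ValueError("no fragments")
    ordered = sorted(fragments, key=lambda frag: frag[0])
    expected = 0              # byte position the next fragment must start at
    data = bytearray()
    for index, (offset, more, payload) in enumerate(ordered):
        is_last = index == len(ordered) - 1
        if not payload:
            raise ValueError("empty fragment")
        if offset < expected:
            raise ValueError(f"overlap: offset {offset} < {expected}")
        if offset > expected:
            raise ValueError(f"gap: offset {offset} > {expected}")
        if offset + len(payload) > MAX_DATAGRAM:
            raise ValueError("datagram larger than 65535 bytes")
        if bool(more) == is_last:
            raise ValueError("more-fragments flag does not match position")
        data += payload
        expected = offset + len(payload)
    return bytes(data)

def check(fragments):
    """Return (payload, None) on success or (None, reason) on rejection."""
    try:
        return reassemble(fragments), None
    except ValueError as err:
        return None, str(err)

# Constructed sample fragments, not taken from real traffic.
WELL_FORMED = [(16, True, b"B" * 16), (0, True, b"A" * 16), (32, False, b"C" * 8)]
OVERLAPPING = [(0, True, b"A" * 16), (8, False, b"B" * 16)]
OVERSIZED = [(0, True, b"A" * 65528), (65528, False, b"B" * 16)]
```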
In this type of attack, a hacker sends an Internet Protocol (IP) ping request to the receiving computer network. This packet requests to be distributed to the various hosts in the local network on the receiving end. The packet also specifies that it is from another site, the one intended to receive the denial of service (Vacca, 2009). The target computer is therefore flooded with ping replies, which prevent it from distinguishing the actual traffic.
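On the target's side, this flood shows up as ping replies that answer no request the target ever sent. The detector below is an added example, not part of the original article; the packet tuple layout, the window and threshold values and the sample capture (built from documentation address ranges) are assumptions for illustration.

```python
from collections import Counter

def find_reply_floods(packets, window_ms=1000, threshold=10):
    """Flag time windows in which a host receives many unrequested replies.

    packets: (time_ms, kind, src, dst, ident, seq) tuples sorted by time,
    where kind is "request" or "reply".
    Returns a sorted list of (window_start_ms, host, unsolicited_count).
    """
    outstanding = set()      # requests still waiting for their reply
    unsolicited = Counter()  # (host, window index) -> unrequested replies
    for t, kind, src, dst, ident, seq in packets:
        if kind == "request":
            outstanding.add((src, dst, ident, seq))
        elif kind == "reply":
            # A solicited reply mirrors a request this host sent earlier.
            key = (dst, src, ident, seq)
            if key in outstanding:
                outstanding.discard(key)
            else:
                unsolicited[(dst, t // window_ms)] += 1
    return sorted(
        (slot * window_ms, host, count)
        for (host, slot), count in unsolicited.items()
        if count >= threshold
    )

def constructed_capture():
    """Constructed capture: one normal ping exchange, then 40 hosts on one
    network all replying to a host that never pinged them."""
    target = "192.0.2.10"
    packets = [
        (0, "request", target, "198.51.100.7", 1, 1),
        (20, "reply", "198.51.100.7", target, 1, 1),
    ]
    for i in range(1, 41):
        packets.append((1000 + i * 10, "reply", f"203.0.113.{i}", target, 7, 1))
    return packets

if __name__ == "__main__":
    for start, host, count in find_reply_floods(constructed_capture()):
        print(f"{host}: {count} unsolicited replies in window starting {start} ms")
```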
Distributed denial of service attack
This is an incident whereby a hacker uses someone else's computer to launch an attack on another computer. The hacker normally takes advantage of the available weaknesses in someone else's personal computer. He can use tools and software that force someone else's computer to send spam messages to certain email addresses (Vacca, 2009). This type of attack is known as distributed since it involves many computers and networks in initiating the attack.
Handling DoS Attacks
Generally, a person or an institution can defend itself from DoS attacks through preparation, detection and reaction stages. The preparation stage comprises coming up with a security policy and developing good and effective security protocols, among other methods. This phase also ensures that the most important services are independent and therefore separate from each other (Dawson & Raghavan, 2011). Furthermore, there is a need to create a collaborative plan with the internet service provider, in addition to other response plans in the event of an attack.
The detection stage is supposed to occur automatically. In order to respond within the shortest time possible, the attack should be detected early enough (Molsa, 2006). The longer it takes for a network administrator to detect an attack, the greater the loss incurred and the smaller the chance of counteracting the attack.
The other stage is known as the reaction phase. It comprises two sub-stages, categorization and mitigation. In the categorization stage, the attacked user should verify that the attack is actually going on and evaluate it so as to identify its notable features. Identifying the nature of the attack helps in the mitigation stage.
For a long time, network administrators have been using labor-intensive procedures to respond to DoS attacks, since they involve tracing the route of the attack traffic manually so as to identify the source. However, there are more elaborate automatic systems which are used to provide a quick response to such attacks (US-CERT, 2004). It is worth noting that reaction strategies usually centre on ways of mitigating the impact of the attack.
Every host on the internet can be a target of a DoS attack no matter how complex its security system is. The safety of computer networks is therefore dependent on how much protection is given to other hosts that are connected to the internet. It is of paramount importance to detect compromised computer devices connected to the internet to aid in protection against DoS attacks (Dawson & Raghavan, 2011). The effectiveness of a defense against DoS attacks depends on how fast the attack is detected and counteractive measures are employed.
When connected to the internet, the following defense options should be employed to eliminate loopholes for DoS attacks. Any service that is unnecessary should be done away with. This helps to reduce the chances of a hacker exploiting it to access susceptible areas of the network (Dawson & Raghavan, 2011). Therefore, any application on a computer that is not in use or not relevant should be removed.
Additionally, a firewall should be installed on any computer or network to monitor access to the network. The firewall helps to keep the general public from accessing information that is shared in a local network. Connections to an ISP (internet service provider) are supposed to be well looked into. Access to wireless local area networks and other access routes to the internet should also be well monitored against attacks (Dawson & Raghavan, 2011). This implies that routers should be well configured to avoid creating points of vulnerability.
People should be encouraged to use passwords that are not easy to guess and that cannot be easily cracked by hackers. The passwords can also be changed from time to time. It is very important to use antivirus software that is always up to date. This will help to detect and eliminate viruses effectively (Vacca, 2009). Users should be very careful when accessing attached files and links sent through emails. They should also take caution while installing software on their personal computers (Vacca, 2009). There is a need to read and understand the license agreement before software installation. However, most of the time, people do not pay attention to the license agreement requirements, which define the status of the contract between the user and the manufacturer of the software. Sometimes, these agreements allow third parties to access crucial information, which can later provide avenues for a DoS attack.
Denial of service attacks are currently a common problem on the internet. They encourage cyber-terrorism and other related attacks on the internet that involve illegal extortion. It is an activity that can cost legitimate users huge amounts of money. The saddest thing is that there are readily available tools that enable the execution of these illegal activities (Vacca, 2009). However, when effective defense mechanisms are employed as outlined above, an individual or an organization is safe from these threats.