How To Prevent DoS Attacks

Written by Helen Glenn Court

Preventing DoS--that's denial of service--attacks on a network server or internet site, as with preventing spam, is unfortunately not yet an option. To prevent an attack the hacker would need to be identified, located, and denied access to a computer. That is a tall order, to say the least. Combating such attacks is something else again.

DoS Attacks Mean System Overload

First, however, you need to understand exactly what a DoS attack is. It is not a virus, a worm, or a Trojan horse. It is instead a hacker methodology designed to compromise a given network server, almost without exception an Internet site or provider. Remember that data flows throughout the Internet in packets.

A packet is a segment of a message that contains not only the data but also the IP address from which the packet was sent. Most WAN--wide area network--protocols are packet-based. These include TCP/IP, frame relay, and X.25. The opposite of packet-based is circuit-based, which is the principle behind landline telephones. Circuits are dedicated direct connections along which the data is sent in a single chunk.

When a hacker dispatches a great many packets, and we're talking millions, simultaneously to a single network server, the system gets so bogged down in handling the scurrilous packets that legitimate traffic cannot get through. Thus we have the term denial of service. Packets from a single origin point could fairly easily be identified and blocked. DoS attacks thus typically come through Zombie systems on which the hacker has installed DoS tools, enabling the attack to come from multiple IP addresses. The solution is to prevent a workstation or stand-alone computer from being used as a Zombie, and this is precisely what certain software programs offer.
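The contrast drawn above between a single origin and many Zombie origins, seen from the defender's side, as an added example that is not part of the original article. The function name, the thresholds, and the sample traffic (built from documentation and private address ranges) are all constructed assumptions.

```python
from collections import Counter, defaultdict

def classify_windows(packets, per_source_limit, total_limit):
    """Bucket (timestamp_seconds, source_ip) records into 1-second windows.

    For each window, list the sources that exceed per_source_limit (the ones
    a simple block rule would catch) and report whether the server would
    still be over total_limit after every such source is dropped.
    """
    windows = defaultdict(Counter)
    for ts, src in packets:
        windows[int(ts)][src] += 1

    report = {}
    for second, counts in sorted(windows.items()):
        total = sum(counts.values())
        noisy = sorted(ip for ip, n in counts.items() if n > per_source_limit)
        dropped = sum(counts[ip] for ip in noisy)
        report[second] = {
            "total": total,
            "sources": len(counts),
            "block": noisy,
            # Still overloaded with no single source to blame: distributed.
            "overloaded_after_block": total - dropped > total_limit,
        }
    return report

def single_source_flood():
    # Constructed sample: 20 ordinary clients plus one origin sending 900 packets.
    normal = [(i / 100, f"198.51.100.{i % 20 + 1}") for i in range(40)]
    flood = [(i / 1000, "203.0.113.7") for i in range(900)]
    return normal + flood

def distributed_flood():
    # Constructed sample: 300 origins, only 3 packets each, in the same second.
    return [(1.0 + k / 10, f"10.0.{i // 250}.{i % 250 + 1}")
            for i in range(300) for k in range(3)]

if __name__ == "__main__":
    for name, sample in (("single", single_source_flood()),
                         ("distributed", distributed_flood())):
        for second, row in classify_windows(sample, 50, 500).items():
            print(name, second, row)
```

With these sample values, the single-origin flood yields one address to block and the load falls back under the limit, while the distributed flood yields nothing to block and the window stays overloaded.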
