Chapter 11: Denial-of-Service (DoS) Attacks

Overview

You arrive at the datacenter holding the servers that host the Web application and look at the lights of the networking equipment. Instead of the usual rapid blinking on and off of the lights on your switches and routers, you see the lights are all rock-solid. Access to the Web site is slow, and it takes forever to render in a Web browser despite your being right next to the servers. You know that this same slow experience (or even worse, the dreaded timeout) is happening to customers all over the world when they attempt to reach your site. Welcome to a denial-of-service (DoS) attack.

A DoS attack could be just a bunch of kids having fun, a disgruntled customer or former employee, or a blackmailer who wants to be paid to go away. Rather than attacking other users of the site, as a cross-site scripting (XSS) attack does, or hijacking the application itself, as a SQL injection attack does, a DoS attack attempts to disrupt the operation of the site. This can result in direct monetary losses (loss of sales) as well as the bad publicity and loss of customer trust that come with customers being unable to access the Web site.

The most popular form of these attacks is the Distributed Denial of Service (DDoS), which has been on a steady rise over the last five years as off-the-shelf software vulnerabilities and the average home user's lack of security knowledge have allowed hackers to easily compromise systems and add them to their "bot" nets. Even more worrisome to those who wish to pursue online business ventures, trends indicate that DDoS attacks are increasingly focused on custom application logic unique to individual sites.

This chapter will first take a brief tour of "old-school" DoS techniques for historical perspective, and then focus on the application-specific techniques that are becoming more prevalent. Finally, we'll finish off with a robust discussion of countermeasures you can employ to mitigate what is sadly becoming an inevitability of life on the Internet.



Hacking Exposed Web Applications
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
ISBN: 0071740643
EAN: 2147483647
Year: 2006
Pages: 127
