A New Breed of Zombies: DDoS

May 06, 2014 | 3  min
author Pyxl Development
FacebookTwitterLinkedIn

The senior developers just returned from a weeklong gathering of fellow Ruby on Rails developers in Chicago.  We heard from a variety of thought leaders including David Heinemeir Hansson (DHH).  DHH is the creator of Ruby on Rails and Basecamp, both of which are tools we use at Pyxl on a day-to-day basis.  The day we returned back to work, Basecamp went down for around 20 minutes due to a DDoS attack.

Here’s what that means for you and what you can do to prevent such attacks.

What is a DDoS?

Unless you work in some sort of web development profession, you’ve probably never heard of DDoS, but you’ve most definitely felt the effects of one.  A DDoS is a “distributed denial-of-service,” which in simple terms means somebody is attempting to interrupt every one else’s service by continuing to take up needless resources.  

Swat

A DDoS is also referred to as a zombie attack.

To simplify further, think of a business that has 20 phone lines for technical support for a new video game system.  Someone at a rival video game system realizes this isn’t good for his system. So, he calls up 3 of his friends (the handlers) and tells them to have all of their friends and family call the new video game’s support line and try to stay on the line as long as possible.  Each of his 3 friends had 20 people (the zombies) call into the support line over and over again throughout the day.  During this time, when a person calls in who actually needs support, they can’t get through because all of the lines are busy.  They have been “denied service” simply due to the fact that other people were continuously calling in, not because the phone system went down or anything malicious happened.

Sites that get hit by DDoS attacks are usually high target, high traffic, high profile sites, such as Basecamp.  You may be asking yourself what there is to gain from DDoS, and the simplest answer is not much.  Usually, these attacks are made as a protest or just because someone doesn’t like a certain company or site.

So what can I do if a site I’m trying to visit is being DDoS-ed?

Anything but this:

f5

Actually, the best thing to do is just wait and stop trying to hit the site repeatedly.  More than likely, the site’s server administrator is working on the problem and if you keep refreshing, you’re just adding to the problem instead of helping it.

So how do I prevent a DDoS on my site?

While none of these are foolproof, here are a couple of ways to help prevent a DDoS:

  1. Load balancing.  Load balancing your site will help mitigate the risk since both servers would have to be DDoS-ed in order for traffic to stop.  Load balancing the DNS is also helpful because even if your site is up, if DNS isn’t responding to people to tell them where to find it, they won’t be able to reach it anyway.
  2. Drop junk packets.  Most of the time, DDoS attacks send junk ICMP (Ping) packets. Filtering those out at the firewall level before your server has a chance to respond will keep unwanted traffic off the server.
  3. Caching.  Dynamic resources always take much longer to serve than static resources, so having a caching system in place will help your site from being DDoS-ed by normal traffic.

While there’s no surefire way to prevent or fix a DDoS attack, since each is as unique as a snowflake, putting the above measures in place will help prevent future attacks.

Updated: Apr 13, 2022

Fuel Your Growth: Pyxl’s Digital Services and AI Solutions

What's New

Latest trends and insights
Introduction to Integrating HubSpot and Generative AI Solutions
Feb 20, 2024 | 5  min

In the rapidly evolving technology landscape, the strategic integration of generative AI solutions with HubSpot’s comprehensive data platform stands out as a pivotal advancement for ...   Read more

author Pyxl Development
The Power of Custom Generative AI Solutions in eCommerce
Feb 21, 2024 | 2  min

The integration of generative AI into eCommerce represents a transformative shift in how online retail operates. These AI systems, capable of creating content, recommendations, and ...   Read more

author Pyxl Development
Understanding Artificial Intelligence: AI, Generative AI, and AI Assistants
Feb 20, 2024 | 3  min

In the realm of technology, artificial intelligence (AI) serves as a cornerstone, shaping innovations and redefining industries. This broad field encompasses various subsets, including AI, ...   Read more

author Pyxl Development

1033 Demonbreun

Suite 300

Nashville, TN 37203

Phone: 615-647-6792

© 2024 Pyxl, Inc. All rights reserved. | Privacy Policy