Hello Everyone, In case you have not noticed, we have had several outages recently. These have been caused by what we geeks refer to as DOS (Denial of Service) Attacks. Now, what is a DoS attack? “DoS attacks are typically executed using DoS tools that send many request packets to a targeted Internet server (usually Web, FTP, or Mail server), which floods the server's resources, making the system unusable. Any system that is connected to the Internet and is equipped with TCP-based network services is subject to attack.” (Symantec Security Response).
Ok. Now I have confused you with the geek talk – let me explain it to you this way. Suppose someone set up a system that would call the local pizza store repeatedly. When the workers of the store pick up the phone, they realize that it is a prank call. But the system set up continues to make these prank calls – making it impossible for real customers to get through. This is denial of service.
Hackers set up programs that do the same thing to servers. They set up a program (or programs) that call so many packets of information that the server is unable to keep up with the requests and the real visitors are unable to get in. We have had this in the past (especially during these summer months when the teenagers are bored) and have quickly narrowed it down to one IP address. At this point, we bounce the server, ban the IP address and the situation is ended. From there the IP address is given to authorities who track down the culprit.
These last outages have been harder to correct because the programs were placed on several virtual servers (8 this afternoon). We would get one shut down only to have the attack start anew from a different IP address. This is also going to make it more difficult for the authorities to track down the responsible party. But, for now, we are back up and running and this particular program will not interfere again as a ‘fix’ similar to a virus scan has been put in place for it.
Thank you for your patience with this issue,
Sheri Barnes