Unfortunately, everyone is familiar with computer viruses. Hackers use viruses to overwhelm websites with “drone” or “bot” systems that are difficult to fight. A denial-of-service (DoS) attack attempts to prevent legitimate users from accessing their secure data, such as email and online accounts.
The most common type of DoS attack is when the attacker “floods” the network with information requests. These attacks involve either automated or actual callers overwhelming an organization’s ability to take inbound calls, often resulting in legitimate callers not being able to get through in a timely manner when they need assistance, service, or, in extreme cases, to report a real emergency.
Attacks of this nature are ongoing throughout the US and Canada. Some will muse that this may be yet another way for terrorists to attack the United States, potentially weakening businesses or, more importantly, emergency response teams.
It can be very difficult to defend against this attack. You must keep your network from being attacked by others and secure your machines so they can’t be compromised and used in attacks. The first step is to protect your own network against being attacked. This can prove difficult, since any network is vulnerable to being overloaded by seemingly legitimate traffic. Turning on ingress filtering will help screen out junk packets. Additionally, there are a number of settings for the Windows NT/2000 TCP/IP stack that you can tweak to secure it against common attacks. Here are a couple of steps that will help:
- Configure your firewall to block (or, better, ignore) traffic on any port you don’t actually need. If you don’t know which ports should be open for particular services, see Microsoft Knowledge Base (KB) article 150543.
- Review the TCP/IP hardening settings described in “Security Considerations for Network Attacks”. Apply them to any server that is exposed directly to the Internet.
If you think you are experiencing a DoS attack, it can be difficult to figure out the source of the attack. Contact ACS for a no-obligation consultation to discuss your business’s security.