Category Archives: Cdn

DDOS is nothing but distributed denial of service , this attack is very well trained and uses internet to get into a system and attack the network . Many computers using internet can also be used to attack other systems. If a denial of service attacks a computer or network then the user will not be able to access emails or the internet, These attacks can be directed towards an operating system (OS) or a network.

How did DDOS attacks start?

shared hosting from host department

DDOS attacks started in late 90’s, initially the attackers used to make full use of victim’s bandwidth and not letting others to get the service. To make these attacks more damageable many attackers should manually synchronize. This type of attack has become public in the year 1997, when a DDoS attack tool called as “Trinoo” was released and was available publicly.

Types of DoS attacks:

Dos attacks are classified into three different types based on the method of attacks. They are:

1.Bandwidth/Throughput Attacks:

These type of attacks are again classified into different types:

Ping Flood Attack: This is a kind of attack by which an attacker attacks on the bandwidth connection so that a network is saturated with an ICMP echo request packets so as to slow or stop the traffic which is going through the network.

Distributed SYN Flood: The attack focuses on the bandwidth of many machines and by doing so, it
is possible to use more number of weakly distributed computers and a big flood attack is created.

UDP Flood Attacks: In UDP protocol it is very easy to use interface to produce large quantity of packets . Hence it is very easy for an attacker to produce large packets with little effort and this is how a victim’s network is flooded with UDP packets and is attacked.

2. Protocol Attacks:

These type of attacks are divided into two types:

Smurf Attack: Here a spoof IP packet with ICMP echo -request with an address of victim’s system and a destination address are sent to an intermediate network. By sending an ICMP echo request to destination address , it triggers all the host that are included in the network and thus leading to production of large number of packets that are routed to that spoof IP address.

DNS name server Attack: his is one of the most common method for attacks, mainly by sending a high number of UDP based DNS requests to a nameserver using a spoof IP address, now any nameserver response is sent back to the destination i.e., to the spoofed IP address and here this IP address is the victim of the DoS attack. So, it is difficult for a nameserver or the victim to determine the true source of the attack.

3. Software Vulnerability Attacks:

These attacks are again divided into 3 types:

Land Attack: This kind of attack uses TCP/IP, here attacker sends a TCP SYN packets with source and destination address same i.e., same as the victim’s host address. The TCP/IP stack implements those kind of packets which leads to victim’s host to crush or hang. You can reduce the possibilities of your network being used as an initiate forged packets by filtering the out going packets that are having different source address from your internal network.

Ping of Death Attack: This is a method by which an attacker tries to crash , hang or reboot a system by sending illegal ICMP packet to the victim who is going to he attacked. Generally a TCP/IP allows a maximum packet size till 65536 octets, if the packets encountered are greater in size then victim’s host may crash. Usually the ICMP uses packets of header size of 8 octets by allows the user to specify even larger sizes. Here in Ping Death of attack ICMP packets are sent in the form of small parts of messages , when these are reorganized it turns out to be large packet size.

Teardrop Attack: In this type of attack first a packet of small size is sent. Then another packet said to be the part of the first packet sent. The second packet sent is very small to pick it from the first packet, this causes an error is assembling and the system may crash or hang. Generally fragmentation is very necessary if the message size is large , at the receiving end all the fragmented packets are reassembled to complete it, teardrop attacks concentrate here and sends unrelated fragment packets, which leads to system crash or hang when trying to assemble them.

Effects of DDoS:

1254522_76829873

1. An DDoS attack on a site not only affects that site but also other site which relate to the same network and the server.

2.The bandwidth that is provided is attacked it not only affects the victim host but also the bandwidth provider and others who share bandwidth with the service provider.

3. When DoS attack it already increases the traffic to the site that the whole system crashes , in addition to that customers logging add more traffic to the site, this definitely leads to site crash .

4. Due to highly increased bandwidth by the attack you need pay extra to that highly increased bandwidth.

How to Handle DoS attacks:

VPS Hosting From Host Department

1. Initially before they attack you need to take preventions like separate client and server addresses, using path based client addresses strictly avoids spoof addressing, RPF checking of server addresses and also by using midwalls.

2. Detection is very important, as early you detect it you can lessen the damage. By using automated intrusion detecting system you can detect the attacks at an early stage and take necessary action.

3. What we do after the attack is very important, based on the attack try to follow the procedures and taking back up so as to avoid huge loss. Try to maintain the traffic and also for a while blocking the traffic and filtering is also important.

Conclusion:
It is always better to take precautionary steps to avoid DDoS attack as it causes a lot of damage not only to the victim host but also to the entire network that is connected to that host.

Secured VPS Hosting Plans with free Plesk control Panel for life. (All VPS plans are Secured from DOS and DDoS Attacks )

Someday when your business extends from smaller region to all over the world then your business website will be viewed by people all over the world. When you had a small business and your site was hosted at only one place that was fine but now, when it is viewed by people across seas do you think your site will be fast? The answer is NO, because as area increases the distance to be traveled by the files and folders of your site increases which obviously increases the page loading time,latency and sometimes due to routing issues those files may not reach its point and your website may not be displayed. For this there is a solution too and it is CDN(Content Delivery Network).

What is CDN?

CDN(Content Delivery Network) is a network placed in different parts of the world which contains files of the website. When a website is requested instead of travelling miles, nearest network would be approached and website will be loaded fast and also routing issues will be avoided. For example an Indian based website is accessed some where in new york and the site is also hosted in New Jersey, instead of travelling all the distance from India to new york, the site’s file will be transferred from new jersey to new york avoiding all the routing and other issues. It is like servers holding your files across the globe , reachable to all the people around the world and makes sure that your website is loaded fast and these servers are called “edge servers”.

How it works?

The working of a CDN under goes following steps:

  1. When a browser sends a request for a domain name, that is a DNS request is made.
  2. The server which is handling DNS requests will check for the domain name and sends back the IP address for the edge server which is closer to the area from where the request has been made.
  3. These Edge Servers are proxy caches similar to browser caches. When a request comes to the edge server it checks for the cache and see if the content is present or not.
  4. If the content is present and cache is not expired, the content will be displayed directly from the edge server.
  5. If the content is not present then the edge server makes a request to the origin server. The origin server is the true server of the website and is capable of providing the information available in CDN.
  6. As soon as the origin server sends the content, the edge server stores info in a cache based http header of response and also display the information to the browser.
  7. Once again when your request, if the cache is not expired the content will be directly displayed from edge servers rather than fetching content from origin server.

Origin Server and Edge Server:

The Edge servers just responds to the request and displays accordingly but the origin servers are being runned by technologies like java, .net or any other and hence any changes can be done in the origin server unlike edge servers are just having a copy of data present it origin server and cannot be changed. CDN is just a cache, if the data is always fetched from the origin server then there is no value for CDN. When an edge server makes a request to origin server then there is no value of CDN there and instead it costs more and takes longer time.This is the reason why all the java script,CSS, image files are served from data as they don’t change frequently.

How to setup?

No matter what ever CDN you are looking for, there are mainly 5steps common in setting up CDN. They are:

  • Sign Up:
    If you have been recommended some site for CDN, just go to that site and sign up for their service. In our case we prefer and suggest Cloudflare, so just get into its site and sign up.
  • Getting Files into the CDN:

Mostly all the web page assets like JavaScript,CSS,images should come from CDN as they are not changed frequently, only HTML pages come from your web host, that is origin server. It is not that easy to to get files into CDN but cloudflare makes it easy,just you need to give your urls and you will have an option to choose that description that describes your site and it will be done automatically.

  • Decide your url names:

When we provide the url names at the time of entering file to CDN they change once added in CDN. For example if xyz.com/css/home.css was you css file name, after adding in CDN it will change to gf455633jhk/home.css and this doesn’t look nice. So you can change them to cdn.xyz.com/home.css.

  • Make sure that right files are called:

You can check this through wordpress or CMS. You can just ask the CMS to swap the files using caching systems.

  • Testing:

You can test your site fro different locations by using webpagetest.org .

Why CloudFlare?

cdn-hosting-cloudflare

Cloudflare helps in protecting and acceleration your online website. It automatically optimizes the delivery of web page and helps your site to load faster. Before your page displays, the cloufare filters bots and other atackers before they attack your website. It is also very user friendly i.e., comfortable in changing the settings and easy to understand. It also provides many other features. To know more about Cloudflare Click Here: CloudFlare Overview

Benefits of CDN:

  • Loading time is faster.
  • Gives better performance.
  • Gives a better user experience.
  • Improves site ranking.
  • Protection against surge in traffic.
  • Protection against Dos.

Conclusion:

The importance of CDN will grow day by day as it plays a vital part in the internet. Even now many companies are trying to make advancement in the edge servers and provide the users fastest loading experience.Having a good knowledge about CDN and how they work helps in giving users a better experience of the website.

Host Department is offering free cloudFlare and Softaculous with cPanel control Panel for Unlimited web hosting plans starting from $2.95/per Month

For cPanel documentation visit: Host Department Documentation Page