The Problem
Distributed Denial of Service (DDoS) attacks are weapons of mass disruption. Unlike access attacks that penetrate security perimeters to steal information, DDoS attacks paralyze Internet systems by swamping servers, network links and network devices (routers, firewalls, etc.) with bogus traffic.

DDoS is emerging as the weapon of choice for hackers, political hacktivists and international cyber-terrorists. Easily launched against limited defenses, DDoS attacks target not only individual Web sites or other servers at the edge of the network - they subdue the network itself. Attacks have begun to explicitly target the network infrastructure, like aggregation or core routers, or DNS servers in a provider's network.

The growing dependence on the Internet makes the impact of successful DDoS attacks financial and otherwise increasingly painful for businesses, enterprises and government agencies. And newer, more powerful DDoS tools promise to unleash even more destructive attacks in the months and years to come.

Our Solution - The DDoS Protection Suite (Self-Defending Network). Click here for Order. Website Source Hosting delivers a complete "DDoS Protection Suite" based on the principles of detection, diversion, verification and forwarding to ensure total protection. When a DDoS attack is launched against a victim protected by the solution, business continuity is maintained by:

1. Detecting the DDoS attack
2. Diverting the data traffic destined for the target device to an approved appliance for treatment
3. Analyzing and filtering the bad data packets from the good data packets, preventing malicious traffic from impacting performance while allowing legitimate transactions to complete
4. Forwarding the good traffic to maintain business continuity

DDoS Attacks

Website pages can take a long time to load — if they load at all. Sites might be shut down completely. The server they're on may have been taken offline. Customers are upset, possibly losing business, and a reputation is going with it.

That's what webmasters can expect with a Distributed Denial of Service (DDoS) attack.

DDoS attacks are increasing in frequency. Without adequate network protection, any site could be at risk.

The good news is that at Website Source, we've taken proactive steps to prevent DDoS attacks from spreading through the network. We've got more background to cover here, but if you just want to read the technical details, skip down to Website Source network architecture.

How DDoS attacks work

They start with a hacker finding a computer system that's vulnerable. The hacker exploits that vulnerability and finds other susceptible systems via that first one. After he gains control of these other systems, possibly thousands of others, the attack — distributed via all these systems — can begin.

The target is usually a specific domain, but it may be an IP or even a whole server. Tools loaded on the systems that the hacker exploited launch attacks against the target. The techniques used depend on the type of attack.

Why DDoS attacks are launched

Most DDoS attacks are probably launched for the same reasons that some people create viruses and worms. That they vandalize property. We don't know what's happening in their heads except that they'd rather destroy than add value. The aim of DDoS attackers is to create so much traffic from exploited systems that they disrupt legitimate traffic.

Some DDoS attacks are personal. The attacker may be seeking revenge against an individual or a company. Or he may be a competitor.

When the attack is launched from another country, there is little or nothing that can be done legally. And no matter the country it's started in, finding the source of the attack is difficult. These two factors mean that there is little or no risk for the perpetrators.

Effects of DDoS attacks

When a large number of systems send a huge amount of traffic to attack one target, traffic gridlock occurs. Pages load very slowly or not at all. The server administrator might have to suspend the target site to prevent the problem from spreading to other sites. It may even be necessary to take the server offline to prevent other servers in the datacenter from being affected.

The victims are not only the target site and other sites on the same server but also the systems that the hacker gained control of to launch the attack. For all of the victims, the bandwidth exploitation results in a denial of service, for both the site owners and those who want to use the sites. If we're among the victims, our revenue and our reputations suffer.

Cybercrime is increasing, and those behind DDoS attacks are developing better techniques to use when carrying out their attacks.

We can protect you against all type of attacks