How Can a DoS Attack Take Down Twitter? [Technology Explained]

0 twitter dos intro   How Can a DoS Attack Take Down Twitter? [Technology Explained]A denial-of-service — or DoS — attack is an attempt to prevent a website from functioning properly and is one of the most common violations happening to popular sites on the Internet. These attacks, which usually target high-profile websites, are meant to keep people from accessing such sites for an extended period of time.

Social networking sites are among some of the most often visited and widely used on the Internet. Because of this, sites like Twitter and Facebook have to worry about DoS attacks like other important websites. Twitter has fallen victim to DoS attacks in the past, causing the site to run extremely slow or go down entirely. But, how?


As part of our Technology Explained series, I am going to explain what a DoS attack consists of, as well as how one can take down a site as big as Twitter, and the effects it has on the site and its millions of users.

What is a DoS Attack?

I explained briefly the intent of a DoS attack, but what is it technologically? A DoS attack happens when a large number of hijacked computers overwhelm a website by sending it a massive, constant stream of data. A basic site like Twitter, which is used to processing requests and displaying a simple page, has trouble keeping up with this massive flow of information due to this large spike in requests.

1 twitter dos data   How Can a DoS Attack Take Down Twitter? [Technology Explained]

In a typical connection, a user sends a message for the server to authenticate. After the server acknowledges and approves this request, the user can then access the site from the server.

In a DoS attack, several authentication requests are sent, filling the server up. The server tries to approve these requests, but it can’t because they all have false return addresses. So the system waits. After a minute or so, these connections are closed, but by this time, the attacker has already sent a new batch of requests, slowing up the system indefinitely.

Using Botnets for DoS Attacks

2 twitter dos botnet   How Can a DoS Attack Take Down Twitter? [Technology Explained]

A botnet is a collection of compromised computers that can be used for malicious acts (like spam) on the Internet. Botnet-based DoS attacks are difficult for websites to deal with. This is because it is hard to distinguish legitimate requests from those coming from a botnet.

From Twitter’s perspective, you can’t just block the IP addresses of offending users in this situation because the computers being used might belong to legitimate users. Cutting such users off would only further complicate things.

[Note]: You can drastically reduce the chances of your computer being hijacked by maintaining anti-virus and firewall protection. You don’t want to be partially responsible for the next attack on your favorite website!

Twitter DoS Attack

You can monitor Twitter’s status here.

Twitter has always been criticized for running too slowly at times or having significant downtime. They have spent a lot of time fixing these issues and becoming stronger structurally, but with millions of users to account for, a denial-of-service attack can (and has) cripple Twitter for its users.

3 twitter dos attack   How Can a DoS Attack Take Down Twitter? [Technology Explained]

Twitter is different from most sites in that much of its use comes through its application programming interface (API), which allows software (e.g. TweetDeck) to have access to its service. When a Twitter DoS attack occurs, users on the site experience longer loading times and slowness, while users of third-party applications experience timeouts. Some of your requests might fail, causing you to be unable to post an update or follow someone.

Conclusion

Twitter DoS attacks will more than likely continue to happen in the future. As the company grows older, it should become better equipped at dealing with such attacks.

Now that you know what a denial-of-service attack is, you can begin taking notice of such activities on the Internet. So the next time your favorite site is running a bit slow, keep in mind that it might not be their fault.

What thoughts do you have on this matter? Do you have anything to add to the article? I’d love to hear your opinions below.

Image Credit: carlsilver, -= Trevino =-

The comments were closed because the article is more than 180 days old.

If you have any questions related to what's mentioned in the article or need help with any computer issue, ask it on MakeUseOf Answers—We and our community will be more than happy to help.

6 Comments -

Nat Jay

I wish there was a way to heuristically analyze bad IP behavior based on a history of DoS attacks. I’m a strong believer in prevention, and hope the algorithms advance to a point where sites are able to hold off, if not totally prevent, a malicious attack.

Steve Campbell

Yes, hopefully there is a better way to deal with this activity. It would be huge for sites and internet security.

Birkenstock

Well, it’s gald to read your post, but I wouldn’t understand your meaning well. Thanks all the same.

Andy

some amature tried taking down our new website yesterday, but i have put a few request timeout changes in which cut down their abilty as it was just the one user trying to DOS attack my site encryptoemail.com

TechGyo

I didn’t know that this kind of trouble is possible from DOS attack

Ewerw

Wow!!