A denial-of-service — or DoS — attack is an attempt to prevent a website from functioning properly and is one of the most common violations happening to popular sites on the Internet. These attacks, which usually target high-profile websites, are meant to keep people from accessing such sites for an extended period of time.
Social networking sites are among some of the most often visited and widely used on the Internet. Because of this, sites like Twitter and Facebook have to worry about DoS attacks like other important websites. Twitter has fallen victim to DoS attacks in the past, causing the site to run extremely slow or go down entirely. But, how?
As part of our Technology Explained series, I am going to explain what a DoS attack consists of, as well as how one can take down a site as big as Twitter, and the effects it has on the site and its millions of users.
What is a DoS Attack?
I explained briefly the intent of a DoS attack, but what is it technologically? A DoS attack happens when a large number of hijacked computers overwhelm a website by sending it a massive, constant stream of data. A basic site like Twitter, which is used to processing requests and displaying a simple page, has trouble keeping up with this massive flow of information due to this large spike in requests.
In a typical connection, a user sends a message for the server to authenticate. After the server acknowledges and approves this request, the user can then access the site from the server.
In a DoS attack, several authentication requests are sent, filling the server up. The server tries to approve these requests, but it can’t because they all have false return addresses. So the system waits. After a minute or so, these connections are closed, but by this time, the attacker has already sent a new batch of requests, slowing up the system indefinitely.
Using Botnets for DoS Attacks
A botnet is a collection of compromised computers that can be used for malicious acts (like spam) on the Internet. Botnet-based DoS attacks are difficult for websites to deal with. This is because it is hard to distinguish legitimate requests from those coming from a botnet.
From Twitter’s perspective, you can’t just block the IP addresses of offending users in this situation because the computers being used might belong to legitimate users. Cutting such users off would only further complicate things.
[Note]: You can drastically reduce the chances of your computer being hijacked by maintaining anti-virus and firewall protection. You don’t want to be partially responsible for the next attack on your favorite website!
Twitter DoS Attack
You can monitor Twitter’s status here.
Twitter has always been criticized for running too slowly at times or having significant downtime. They have spent a lot of time fixing these issues and becoming stronger structurally, but with millions of users to account for, a denial-of-service attack can (and has) cripple Twitter for its users.
Twitter is different from most sites in that much of its use comes through its application programming interface (API), which allows software (e.g. TweetDeck) to have access to its service. When a Twitter DoS attack occurs, users on the site experience longer loading times and slowness, while users of third-party applications experience timeouts. Some of your requests might fail, causing you to be unable to post an update or follow someone.
Twitter DoS attacks will more than likely continue to happen in the future. As the company grows older, it should become better equipped at dealing with such attacks.
Now that you know what a denial-of-service attack is, you can begin taking notice of such activities on the Internet. So the next time your favorite site is running a bit slow, keep in mind that it might not be their fault.
What thoughts do you have on this matter? Do you have anything to add to the article? I’d love to hear your opinions below.