Packet Loss And Denial Of Service Attacks

We track Quillcards and get an email alert if it goes down for any reason. It went down for about 15 minutes less than an hour ago.

Our web host posted a notice immediately and I signed up to be alerted with updates to the notices.

The first notice said:

We are seeing some heavy packet loss at our Dallas datacenter right now. We are investigating.

I signed in to a chatroom at the web host and was told that the packet loss (loss of data) was at the Dallas data center where our site is hosted.

So I knew that the problem affected our web host and was not Quillcards itself that was having a problem internally.

The next notice said:

It looks like the loss has subsided now, this affected our entire Dallas network, and appears to have been something from upstream. Working with the datacenter NOC team to find out what occurred.

The thing is that the Dallas data center handles data for various web hosts, and this was the final notice:

We have been advised another customer at the datacenter was subject to a very large DOS attack. That has been blocked and the network has returned to normal.

So what is a DOS attack?

It’s a malicious attack by outsiders who send a query with forged credentials to the website they are attacking. The web server responds and the attacker asks the same question again. Except the attacker doesn’t just ask once or twice: It asks many, many times a second and eventually overwhelms the service.

The way to stop the attacks varies with the kind of attack, but one way is to query the credentials and get the attacker to prove it is who it claims to be. When it fails to do so, the attack is blocked.