What is a DDoS Attack?

In the world of computer networking, a distributed denial-of-service attack (DDoS) or a denial-of-service attack (DoS attack) is considered to be a malicious attempt to severely affect the performance of a computer or resource on the Internet, or to stop it from working completely.

There are many varied reasons why individuals or organisations carry out these attacks and also many different methods. For example, DDoS attackers may target their competitor’s websites, especially if it is an e-commerce site, they may also wish to disrupt news, financial organisations such as banks, and even DNS servers.

One way of thinking about how these attacks take place is to imagine a Call Centre, selling products, which has (for arguments sake) 50 incoming telephone lines. If 50 people called and got through, then all of the incoming lines would be busy, this would mean that nobody else with a genuine sales enquiry would be able to get through to buy something. In simple terms this is how a DDoS attack works, but instead of telephone lines, it hogs most or all of the available Internet bandwidth available to the computer or resource. In a nutshell it is all about limiting or disabling communication.

The good news is that there are several ways of stopping such attacks from taking place. However, varying levels of protection means varying costs, meaning that the most robust form of protection can cost a small fortune.

In the UK, denial-of-service-attacks are a criminal offence and can lead to a maximum prison sentence of up to 10 years.

Disaster Recovery / Large Backups

In recent months we have received a lot of enquiries from companies who have a requirement to back up large amounts of data and are looking for an off-site solution, as their traditional tape based systems are either too slow, unreliable or simply can’t handle so much data.

As we all know, it is vitally important to have a reliable data backup so that in the event of a disaster, the data is easily retrievable, and the business can then continue operating as soon as possible.

One new concept that we are keen on is the idea of data mirroring. This can be achieved by having a local backup device, such as a network hard drive array, mirroring it’s data to a similar device which is co-located in a purpose built Data Centre.

The advantage of this is that local data can be accessed quickly from the on-site hardware which is then mirrored periodically to the off-site device using the internet. In the event of a disaster, the data from the external hardware would be an exact replica of the local data and therefore can be restored over the internet, or in some cases the mirrored device would be physically shipped out to the client on a next business day delivery.

We have provided this very same service to a number of our clients already, and it does work extremely well on the right type of hardware so long as it is configured properly. In the past we have used hardware which has been manufactured by a company called Synology. They provide a wide variety of network storage solutions and the software includes the mirroring service along with many other useful features.

For more information, please do not hesitate to give us a call on 0113 294 6699.

Internet Password Security Advice

The internet has come on leaps and bounds in the past few years and as such, more and more people are using it as a way to run their daily lives. Social networking is now a prominent way of communication with friends, colleagues and family whilst online shopping in now more popular than ever along with banking and other such services.

The average person may have around 30 user accounts set up on various websites and each of these accounts would require a username and password. Additionally more and more people are working from home or accessing their email and corporate data whilst on the move on devices such as smart phones and tablets. Therefore it is more important than ever to employ a strict and robust password policy, wherever possible as the internet becomes ever more popular, so does the threat of cybercrime.

Here are some tips for improving your password policies;

Don't use the same password for every account

Whilst it would be impossible to have a different password for every online account, and remember all of them, it is also important to note that if you do use only one and then someone gets hold of it, they would have access to everything you do online, be it banking, social network sites or email. There are systems out there which help manage passwords such as LastPass, an online password manager which encrypts all your passwords for you, so all you have to remember is your LastPass account password.

Change your password regulary

For the same reasons as above, it is also important to change your password on a regular basis. Most corporate IT networks enforce password changes on average about every 90 days or so. This can be done using server group policies however domestic users would need to rely on either their own memory or set themselves reminders.

Don't use standard letters

A common mistake when setting a password is choosing something and then making it all lower case letters of the alphabet. It is important to make the password as random and complex as possible. Therefore using a mixture of capital letters, lower case letters, numbers and special characters is always advisable. A good tip is to use a word, but then substitute some of the letters for numbers which look like letters. A number ‘1’ for example could be used for the letter ‘L’ or ‘I’. The number ‘4’ could also be used in place of the letter ‘A’, and so on.

Use a line from a song

Many people prefer to use short, memorable passwords with a mixture of capital letters, numbers and characters that don’t take long to enter, whereas some prefer longer passwords which are often simpler to type. One school of thought is that a really good password would be to take an entire line from a song and then just make one of the letters into a number, usually the last or first, thus making it easy to enter and quite memorable. Here is an example taken from The Beatles classic ‘Hey Jude’ - 5oletitoutandletitinheyjudebegin – You will see that the first character is a ‘5’ instead of an ‘S’ and, that the rest of the password is simply the rest of the line from the song. These type of passwords are very hard to hack.

Don't use the obvious

A common mistake many people make is using things like their pets name, date of birth, children’s names, house address etc. as their password. Having a password like this should be avoided at all costs, as should standard words from the English dictionary.

In summary, we would advise that everyone has a good think about what the implications would be if a criminal got hold of your passwords. In some cases it may not be that serious, but in others it could be devastating.

If you found this article useful then please feel free to share it with others, or if you have any password tips yourself, then why not let us know and we will include them in a follow up article.