Computer column: Smurf attack!

By Bruce Richardson
The last attack was on Friday, Sept. 18.  The attack was widespread and you probably did not know what was going on, but chances are you were affected.  On that day, I started getting phone calls from my customers that they could not get to the Internet, or that they couldn’t reach a particular web site.  I performed the usual checks on my end, checking with local Internet providers and checking with the Virus folks to see if something was afoot.  No word in the Internet. There was not much for me to do. People could go to other web sites, and they could connect to the Internet, but it was slow.
That Saturday, I started receiving notifications from Hosting providers that sites were ‘back up’ and the Internet was back to normal.  On that Friday, we had a Smurf Attack.  That’s what it is called and it is a variant of a Denial of Service Attack.  Without getting too technical, several servers on the Internet were overloaded with requests for several websites, and couldn’t service any more customers.  What is interesting about these attacks is that there is no real gain for the perpetrators.  A typical hacker is trying to gain financial information, or passwords, something they can use.  A Denial of Service attack just clogs up the Internet.
There are several different kinds of Denial of Service attacks and ‘Smurf’ is just one variant. Without getting too technical, here is what happens:  when you type in the address of a page on the Internet – say northcoastnews.com, you are requesting a page on a Web server.  You request the page and it is delivered to your computer.  In a Denial of Service attack, banks of computers are programmed to request the same page at the same time. A Web server can only handle a couple of hundred requests for the same page at the same time. After the limit is reached, most hosting companies have some fail-over machines to help disperse the load.  What happens then is that other sites begin to suffer performance because the servers are busy.  This is called ‘backscatter’ and soon a lot (thousands) of servers are just too busy to serve up your webpage.  There is usually  no immediate notification to anyone, because they are all too busy trying to fix things – and, at best, these companies would further disrupt things by overloading their email servers sending out notifications that things are slow right now. This particular attack had nothing to do with any Web sites in Washington or even the West Coast, yet the entire Internet was affected.  In Ocean Shores, we felt that the Internet was slow that day, or that we couldn’t get to our favorite website.
Major Websites build up servers over time and establish agreements with other companies to provide for extra hits.  Although the ratings change almost daily, the top 5 websites in the world are: Google, Facebook, Yahoo, YouTube, and Windows Live (see Alexa.com to see where your favorite website is ranked).  These sites handle thousands of requests per hour and actually have buildings full of web servers. Most of these companies also buy server space from other companies.  Microsoft, for example, doesn’t provide any software at all from the Redmond, Washington Campus.  The nearest place is in San Diego.  If you download a Windows Update, or new product, you are connected to a company in San Diego.  That is all this company does.  It provides software downloads from Microsoft to you.  Microsoft has some 15 of these companies around the world.
In the history of the Internet, there have also been un-intentional Denial of Service attacks. This is caused by the huge popularity of a particular website and the inability to handle the traffic.  This initially happened to YouTube and also Twitter. Both of these companies published their initial pages and within a week, they went down because they couldn’t handle the traffic.  A Web designer’s dream!
Unfortunately, I can’t tell you that this will never happen again; come to think of it, I can’t even tell you that it is happening now, if it was.  Things usually get back to normal within 24 hours.  At best, if you can’t get to Facebook right now, but everything else is O.K., just wait awhile and try again later.
Web Designer and Technology Consultant Bruce Richardson can be reached at 360-500-3643; his website is www.purpletreefarms.com