Third party cookies may be stored when visiting this site. Please see the cookie information.

PenguinTutor YouTube Channel

IT Security: Denial of Service Attack / Incident

I have had a couple of Denial of Service issues over the last week against this website and www.firstaidquiz.com.

The first I believe was with malicious intent, and was unsuccessful. After the earlier attempt Cyber Vandals during June I added some Denial of Service detection code to the quiz engine which appears to have successfully protected the server. Although the DoS detection is not immune from accidentally blocking genuine users I feel it's very unlikely in this case. If it was a genuine logon attempt then several users thought it necessary to attempt multiple logins within seconds of each other. The biggest entry was for a user that tried to login 9 times within 30 seconds. I believe that this is fairly conclusive evidence of an attack attempt.
Whilst I will admit that I would not be able to protect against a determined Denial of Service attack, as to do so would risk causing more inconvenience to normal users and certain attacks are almost impossible to protect against, such as the distributed denial of service attacks that have been successful against some big names in the past. I can at least now protect against some of these attempts.
This appears to have come from a computer connected to "MERIT Network Inc." in Michigan in the USA.
"Merit Network is a non-profit corporation based in Ann Arbor whose mission is to make Michigan a showcase for high-performance networking."

The second Denial of Service was successful, but as far as I know had no malicious intent as it was caused by the electricity supplier. The problem was that in the early hours of this morning there was a power failure affecting some of the Coventry area. Without having the finances to cover the cost of a proper UPS protected system this did mean that the server went down for a few seconds whilst it restarted. It does not appear that anyone was actually using the server at the time, as using my LogInfo Log Analysis Software I only recorded one http request for a html page, and that was a while before the power cut.