Wednesday, 26 September 2012

Denial of service and adding bandwidth

A denial of service attack happens when one server is hit with so much traffic that it cannot respond to it all and becomes effectively unavailable. There is a perception in some quarters that adding more bandwidth to the internet will make this go away. The problem is that adding more bandwidth to the servers will mean adding more capacity to the rest of the world, too. So, today, someone is capable of sending multi-gigabyte-per-second data bursts at a server, and this cripples it. If it were capable of handling terabytes per second, but only received gigabytes per second, everything would be fine again. The attack would fall below its threshold of significance. But when the attack increases exponentially too, then you've made no gains.

It's like this: imagine a one-lane highway serving 1000 cars per day. It is always packed full. Then the city builds up a second lane going each way, to ease the burden. Now each lane only needs to handle 500 cars per day, and it flows more freely. But when people hear the highway is flowing again, 1000 more people per day come on to use it, and the whole thing grinds to a halt again. Handling denial of service attacks by adding more bandwidth is like that, except that the extra cars are arriving deliberately to clog it up, and whenever you build more lanes, you somehow automatically make more cars too.

I don't think there will ever be enough bandwidth or enough computing cycles to allow spam and malware to coexist peacefully with legitimate uses of the web. More is always more, and adding to the bandwidth or power is only going to add more spam and malware.

Mokalus of Borg

PS - Unfortunately, every complex system has parasites.
PPS - I wish we had some better ways to manage them.

No comments: