Attacks of self-denial

As Attacks of Self-Denial or Self-Inflicted Denial of Service Attack ( German self-supplied DoS attack ) is referred to it when a server is overloaded by a large number of requests and therefore is no longer available. In contrast to a Distributed Denial of Service (DDoS), the cause is not based on a botnet , but is triggered by human action.

Causes can be advertising campaigns or politically motivated protests, which cause a significantly larger number of requests on the server than normal. The failure of the server also causes users to reload the website in the browser, which is why additional requests are generated before the existing requests have been processed. In addition, incorrect technical planning or configuration errors can also be a cause.

Examples

For the launch of the Xbox 360 an advertising mail was sent, which has data loaded from a server without the planned content delivery network from Akamai to use.
In November 2006, Amazon launched a special offer that included a limited number of Xbox 360 consoles at a heavily discounted price. Amazon had failed to provide its own servers for bulkhead for the campaign , which is why the entire front-end infrastructure was taken away when the overload occurred .
In May 2017, political comedian John Oliver urged the public to submit protest comments on net neutrality on the Federal Communications Commission (FCC) website . As a result, the website failed, which according to the FCC was due to a targeted DDoS attack. However, The Guardian suspected that it could have been attacks of self-denial and requested that the log files be released so that an independent analysis could be carried out.

Possible solutions

Since a DoS is caused by exhausted thread pools, the thread pools - in particular for databases and external services - must be limited.
Fuses prevent the backend from being burdened with additional requests in the event of an overload.
Bulkheads separate the overloaded infrastructure from the rest of the infrastructure
Static files should only be called up via a CDN and direct server access should be blocked by a firewall .
In the case of promotions, additional resources should be planned.
The necessary services must be able to dynamically scale horizontally . Automated Scaling Listeners are used for this purpose , which generate additional instances of the corresponding services as required.

swell

↑ ^a ^b ^c Michael T. Nygard: Release It! Design and Deploy Production-Ready Software. O'Reilly, 2007, ISBN 978-0-9787392-1-8 , 4.6 Attacks of Self-Denial (English, 326 pages).
^ Terry Slattery, A Self-Inflicted Denial-of-Service Attack. NetCraftsmen, accessed May 10, 2017 .
↑ FCC claims comment system attacked after John Oliver's net neutrality segment. The Guardian, May 8, 2017, accessed May 10, 2017 .

[rit-1] Michael T. Nygard: Release It! Design and Deploy Production-Ready Software. O'Reilly, 2007, ISBN 978-0-9787392-1-8 , 4.6 Attacks of Self-Denial (English, 326 pages).

[terry-2] Terry Slattery, A Self-Inflicted Denial-of-Service Attack. NetCraftsmen, accessed May 10, 2017 .

[fcc-3] FCC claims comment system attacked after John Oliver's net neutrality segment. The Guardian, May 8, 2017, accessed May 10, 2017 .