10
3
I’m wondering if the maximum speed of a network card would reduce the chances of a DDoS affecting a home-hosted website.
In this scenario, I’m hosting my website from an Android Tablet where the maximum speed incoming/outgoing is 10mbps.
TheJamaicanGuy
Posted 2014-12-30T01:00:22.300
Reputation: 181
17
I’m wondering if the maximum speed of a network card would reduce the chances of a DDoS affecting a home-hosted website.
Not really. Perhaps the network bandwidth could be saturated to the point of the network connection being unusable, but a faster network connection would not prevent that from happening. It would only delay the inevitable by seconds/minutes.
The core detrimental impact of a DDoS attack is not really the network connection itself but rather the services behind it. Meaning if you are running a classic L.A.M.P. stack website (Linux, Apache, MySQL & PHP) then a DDoS attack would be most detrimental to those services. And the impact would hinge on the way the site is coded and how those subsystems work.
For example, let’s say your site uses tons of database calls. And you really only tested it on your desktop development environment where you are the sole use. Then the reality is that even a minimal amount of traffic could cause your database server to choke based on the basic engineering of the site. Similarly, if you are using pre-canned CMS systems or frameworks, let’s say someone discovers an exploit to that CMS or framework, then they could just pummel your site based on that exploit and next thing you know… Your site is down.
Basically, I am focusing on the database (MySQL) aspect based on my experience of doing 20+ years worth of web development, engineering and Linux systems administration. And as I move into the world of Ruby-on-Rails and apps that use MongoDB as a datastore I see similar issues. Generally, the database is pretty much the weakest link on a dynamic website and the lack of proper configuration/optimization will bring your site down faster than you can imagine. I once managed a site where the developer made 400+ (!!!) individual MySQL calls for one simple page; and the developer was oblivious to the fact that 400+ calls to MySQL would slow the page down. Details like that matter.
So if DDoS is a concern—but you don’t feel like performance tuning your base web server software install—I would recommend pumping up the RAM on that server and perhaps having faster hard drives installed. Past that, network card speed is a non-factor at best.
JakeGould
Posted 2014-12-30T01:00:22.300
Reputation: 38 217
5While some DDoS attacks do indeed work by depleting the server's resources (RAM, CPU, storage, etc.), a lot of the DDoS attacks we've seen lately focus on oversaturating the victim's bandwidth. Actually, I've noticed that they're pretty much the majority of attacks we have around now, mainly because of the availability of commercial botnets and the recent popularity of magnification-based attacks. – Adi – 2014-12-30T04:14:57.273
@Adnan Fair enough, but even in that case the pipeline would be saturated in a way that the extra perceived speed of the connection only delays the DDoS by seconds/minutes. – JakeGould – 2014-12-30T04:25:35.633
In addition to this great answer, I'd like to point out that if you don't feel like/don't know how to optimize your app, an easy solution is to install a reverse caching proxy like Squid or Varnish in front of the server; it works great for sites that don't change frequently like blogs. – None – 2014-12-30T07:34:23.433
@JakeGould Your answer made me wonder. Suppose someone discover a way to magically identify all DDoS-purpose packets and I create a rule with that method in iptables or any other firewall. If attackers keep nuking me and my firewall keep dropping all the packets, does my connection still get saturated? – mordack550 – 2014-12-30T14:19:05.450
Bitrate refers to the speed at which data flows in and out of a network, often measured in bits per second (bps). During a DDoS attack, the bitrate of the target network is significantly increased, which can cause problems with resource availability – akash ujjwal – 2014-12-30T16:16:59.190
7
Basically no. There are several DDOS types of attacks, some of which require very little bandwidth. For example, a syn attack in which the attacker sends a syn packet to your site saying "Hey, I want to establish a connection." Your server reserves a small amount of memory and sends a syn-ack reply. The address was spoofed so it goes nowhere. The attacker just rinses and repeats and it requires very little bandwidth on their side. Meanwhile on your server, it keeps allocating memory to establish the bogus sessions that it basically runs your server out of RAM. This is only one type of attack and some servers are resistant, but there are many other types. It isn't the LAN port that gets saturated in these types of attacks, it is your server RAM.
Blackbeagle
Posted 2014-12-30T01:00:22.300
Reputation: 6 424
5
In addition to the other answers here, DDoS attacks often don't need to even reach your webserver many types will hit the modem/router of your public IP and overload that interface.
If you had a gigabit internal network from your router/switch to your web server but only a 20mb link connection to your ISP it is the latter which suffers from a DDoS attack.
Even having a good firewall to block those attacks from reaching your web server doesn't prevent the attack because there is so much traffic/noise that legitimate requests get missed/are unable to get responses due to the node before the webserver being overloaded.
Abraxas
Posted 2014-12-30T01:00:22.300
Reputation: 3 704
36"I’m hosting my website from an Android Tablet" what? – Braiam – 2014-12-30T02:50:45.063
1(In reply to person above) Using a webserver application you can run a webserver with PHP and MySQL on android – TheJamaicanGuy – 2014-12-30T02:53:49.363
I suspect you'll have quite a few other bottlenecks. Is this over wifi? – Journeyman Geek – 2014-12-30T02:56:54.107
Yes, currently using Wifi. It can support a usb ethernet dongle however. – TheJamaicanGuy – 2014-12-30T02:58:50.803
8I want to say something sarcastic about using an Android Tablet for a webserver, but a computer is a computer. But the thing is with an Android Tablet you will be limited in what you can do to tweak the system. My answer is about more of a standard server environment. Whatever tweaks one could make there might be doable on the Android Tablet, but only if you have truly deep configuration abilities. – JakeGould – 2014-12-30T03:07:13.853
1An Android tablet is a perfectly reasonable place for a web server when used for certain specific applications: I would not expect a publicly-facing site which could be DDoS'd is one of them. – None – 2014-12-30T05:13:55.173
11I'm having trouble understanding the logic here. If the network connection is slower, doesn't that make it easier for an attacker to saturate it and thus deny service to legitimate users? – cpast – 2014-12-30T05:19:07.073
@cpast There are many different kinds of DDoS attack methods. Pure bandwidth saturation is one of them but in my humble opinion, it is not one of the more common ones. – JakeGould – 2014-12-30T06:49:03.463
1@Snowman An android tablet is a bad idea to host a website facing the outside world. Most servers for android can't handle more than 1 connection at the same time. If the server gets 30 hits at the same time, depending on the RAM usage and CPU usage and the bandwidth used and how the settings are, your tablet will crash in no time. – Ismael Miguel – 2014-12-30T14:29:20.500
@IsmaelMiguel hence my stating "a publicly-facing site" is a poor choice for an Android web server. – None – 2014-12-30T15:39:55.980
1@Snowman I would never say poor, but rather "a wave of headaches due to a terrible decision". I would rather have a Pentium III running with 512MB RAM over a Quad-core nVidia tegra tablet with 3GB RAM. – Ismael Miguel – 2014-12-30T21:05:47.403
2@IsmaelMiguel I have an old Celeron around (2.6ghz single-core, 1280mb ram) which still works flawlessly. Would that be better to use compared to the tablet (1.2ghz dual-core, 512mb ram)? – TheJamaicanGuy – 2014-12-30T21:24:50.683
1Yes @TheJamaicanGuy, just yes. I also logged in today just to upvote Braiam's comment. – NobleUplift – 2014-12-30T22:05:31.630
@TheJamaicanGuy If you compare a single-core 800MHz ARMv7 CPU vs. Intel Pentium II 233MHz, the ARM will be defeated easily (saw this reference somewhere a long time ago, can't find it). Also, due to it's architecture, ARM is a RISC architecture while x86 is a CISC architecture. You can read http://stackoverflow.com/questions/14794460/how-does-the-arm-architecture-differ-from-x86/14795541#14795541 for more differences. Being this said, and assuming you read the link, ARM is by nature inferior in performance but also on power. This means that the same request on an x86 will take longer on ARM.
– Ismael Miguel – 2014-12-30T23:32:48.443@TheJamaicanGuy (continuing....) If it takes longer to process a request, the system can more easily be overloaded with pending requests due to exhaustion of resources due to some delay. Even a user swiping the finger on the tablet will cause a massive performance drop. Not to mention that all the power saving techniques will be "ignored" and the tiny little heat-less CPU will turn into a grill. Probably causing physical damage and (possibly) even catch fire (assuming it will be always charging) and that is not a good thing. This last problem is fixed on x86 with a good obligatory cooler. – Ismael Miguel – 2014-12-30T23:37:05.673
@TheJamaicanGuy (continuing...) This said, YES!!! Use that old dusty thing! Most pages won't need more than 2MB to load and do it's things! At work, using PHP, the heaviest website we have only takes around 1MB of RAM (except when processing image, that takes around 300MB depending on the image). Your computer is over-qualified to be a simple server to serve your personal page with a higher traffic than your tablet could ever possibly handle. Use it and you will see you won't regret! You can make a proper server with your old Celeron and with a proper Linux install. – Ismael Miguel – 2014-12-30T23:41:54.917