Routers are not perfect. For that matter, nothing is. So if somebody wants to give a router more than it can handle there is a way to do this. We’re going to take a look at what are called denial of service attacks.
A router can only handle so much information coming into it at one time. Every machine has its limits and routers are no exceptions. Well, when the nasty trend of denial of service attacks started early this century, routers were unprepared for them. As they began to understand what was happening they began to compensate for the problem. But there was still a way around it. To understand this we first have to understand what a denial of service attack is.
A denial of service attack is just as it sounds. It is when someone prevents the router or routers from servicing the network. The question is, how do they do this? As previously stated, a router can only handle so much information coming into it to be routed at a time. If too much information starts coming in then the router gets overloaded and can’t forward the information fast enough. Ultimately, what happens is this slows the network down to the point where nobody can access it. In a denial of service attack, which is a deliberate attempt to cause this problem, a person will send an enormous amount of information from one computer to the router at one time. Eventually, this will effectively shut down the network. The reason is because of the trickle-down effect. Once the main routers start to get overloaded they start to send messages to the rest of the network that the connection is full. These messages start to cascade through the entire network until all the pathways in the network are full and nobody can communicate with any server on the network.
When companies and web sites began to understand what was happening then started to put safeguards in place. They would put checks in the router software to see if a large amount of information was coming from one IP address. If so, then it simply discarded the information and didn’t attempt to pass it on. It seemed that the problem was solved. Not so.
Hackers began to figure out that if they send this enormous amount of information from multiple computers or IP addresses, the routers would have no way of knowing that a denial of service attack was in progress because it would see all this information coming in from multiple locations. Ultimately again, the network would effectively be shut down.
In response to this, manufacturers of routers have placed additional safeguards into their routers to simply check for unusual traffic. The problem with this is that in some cases there is a large amount of traffic that is normal, like in the case of a news site being hit with an overload because a major breaking story hits the airwaves.
It remains to be seen if the hackers or the router manufacturers are going to win this war.