Yahoo, Amazon, CNN, Microsoft and many other major Web sites have had their operations affected by attacks designed to block access from legitimate traffic. Now, software company Zeus Technology has developed an addition to its secure Web server that is being trialled by blue-chip clients.
The Zeus Secure Webserver analyses traffic sent to a Web site and decides if a request is intended to shut down or impair the performance of the site. If the software believes that the traffic is part of a DoS attack, it rejects the request.
Andrew Parker, vice-president of corporate strategy for Zeus, was clear that the software was not a magic pill that would stop all DoS attacks. "What the software does is fill a major security weakness that even the most secure Web sites have always been vulnerable to," he told CW360.com.
One DoS attack that may not be stopped by the software is a simple brute force flood, which tries to consume all the bandwidth available to a targeted Internet server.
Typically, a perpetrator creates a virus that spreads to number of innocent servers. At a pre-arranged time these servers simultaneously send seemingly legitimate requests to the target Internet server.
Neil Macehiter, senior consultant at analyst Ovum, said: "I think this is a very positive response. The underlying technology has the potential to solve some of the denial of service problems, but it does only solve a small sub-set of wider problems. The Zeus solution does not address low-level TCP/IP-style attacks."
Dealing with DoS attacks was not simply an issue of technology, Macehiter added. "The role of the ISP is a part of a wider business issue. ISPs need to set in place agreements that can stop these attacks at source and ultimately find culprits."
Parker believes that the Zeus software will deal with the most prevalent attacks. Even if an attack took out one server, he said the software would look at the rogue traffic and block similar traffic to the unaffected servers within the cluster.
Zeus is targeting customers of Microsoft's IIS Web server, which has been the target of recent DoS and virus attacks, including Nimda and Code Red. The software will be sold as an upgrade to the Zeus Web Server, and Parker said organisations should be wary of rushing out and replacing their Web servers.
"We're realists," he said. "Many companies have invested a great deal of money on Web infrastructure and it is unrealistic to expect people to change overnight. What we advocate is placing our software ahead of a Microsoft Web server, effectively using it as a shield."
The product is being trialled by BT and eBay but has not yet been evaluated by independent testing organisations.