An amplification attack is a type of attack in which the attacker sends requests from a counterfeit IP address (IP spoofing), which is at the same time the victim's IP address. The substantial number of responses, which the victim never actually requested, may take the victim out of operation.
Apache (Apache HTTP Server) is very popular and widespread software for web servers, which is maintained by the community under the sponsorship of the Apache Software Foundation. Apache is multi-platform and, therefore, it works in a lot of operating systems. It provides a lot of functions, as well as modules for expansion, such as support of Perl, Python, and PHP, or authentication modules such as mod_access, mod_auth, mod_digest, and mod_auth_digest.
API (Application Programming Interface) is an application programming interface. It works as a specification that has an intermediary function in mutual communication of software components. It concerns libraries of procedures, functions, categories, or protocols, which a programmer has available. API can contain specifications for data structures, entity categories, and variables. API itself can have various forms.
Backbone network usually refers to a family of sufficiently sized connections between various geographical localities. Properties of such a network include high throughput and redundancy. It is usually realized using optical cables.
BDoS - Brain Denial of Service is a new type of attack. It is usually a DoS/DDoS attack when the system overload is only used to distract attention (the administrator's brain is busy solving problems in another part of the network) while the main attack target is a completely different machine or service, which is subject to a much less obvious attack at the same time, often aiming to compromise data.
Botnet is the name for a centrally managed network consisting of computers infected with a special malicious software. Botnet can perform undesired activities upon command of its "administrator", such as sending spam, DDoS attacks, etc.
Caching (Web Caching) is a technique of temporarily saving web documents, images, HTML pages, etc. The advantage of caching rests in the reduction of bandwidth use, server load, and latency. Internet browsers, for example, cache websites so that they are displayed faster. They temporarily save parts of websites, such as images, as well as whole pages. Everything is done to speed up work with visited websites.
Cloud computing means providing services or programs with the user being able to access them at any time from anywhere. The main characteristic is that the user does not pay for his own software (assuming there is a charge for the service), but for being able to use it.
ControlPanel is a client’s centre of services and tools developed directly by our company that is available at https://cp.coolhousing.net. It concerns the administration of ordered services, including a summary of payments or information on a client available to a client and/or a provider. This portal is secured by a qualified certificate of an accredited certification authority.
Cron is a tool that enables initiation of certain processes or commands (scripts, programs, etc.) at a pre-set time with a selected frequency. The software daemon, which is what cron is sometimes called, is a kind of task scheduler in the system.
CZ.NIC is a special-interest association of legal entities established by the top Internet service providers in 1998. Currently, it already has 110 members. The association’s main activities rest in operation of the .CZ and 0.2.4.e164.arpa (ENUM) domain name register and further education in the domain area. Currently (2013), CZ.NIC is engaged in development of the DNSSEC technology and the myID service, development of the domain administration system, and support of new projects and technologies useful for the Internet infrastructure in the Czech Republic. CZ.NIC is also active in the EURid association, which administers the .EU European domain, and as a member of similar international organizations (CENTR, ccNSO, and others).
DDoS – Distributed Denial of Service means unavailability of services caused by any means, when the attack is initiated from two or more machines. Botnets are often mentioned in connection with DDoS attacks. As in the case of DoS attacks, DDoS attacks aim to cause unavailability of the given server by any means.
Dedicated server is an independent set of hardware devices backed-up by a provider, which is dedicated to a single client. A provider is responsible for the hardware (HW maintenance, power supply, connectivity, 24/7 technical support). A client who administers his dedicated server by himself is responsible for the software component. This type of a server is intended mainly for demanding projects with a heavy data load. In comparison with the shared hosting (e.g. VPS), dedicated servers have higher stability (only one client’s application that theoretically is not jeopardized by another client of the shared hosting runs on the server), better performance, and also a higher safety level. Configuration of a dedicated server can be designed completely individually.
DNS (Domain Name System) is a hierarchical system of domain names. The main function of DNS rests in conversion of domain names to IP addresses and vice versa. DNS servers contain databases of domain names and their addresses. Thanks to this system, the requested address is displayed upon typing a URL into the Internet browser’s address line. A browser asks the selected DNS server for the IP address of the domain.
Domain, in simplified terms, is a website address. A domain name consists of several parts divided by dots. For the www.somewebname.cz website, the .cz part represents the national top level domain (so-called TLD – Top Level Domain). Every country has just one national top level domain assigned. Other domains, such as .eu, .net, .com, are generic domains. It is possible to register second-level domains in all these domains, which applies to regular websites as we mostly know them, e.g. the already mentioned www.somewebname.cz. The third-level domain then would be, for example, somesection.somewebname.cz, which is called a subdomain.
DoS - Denial of Service means unavailability of services caused by any means, when the attack is initiated from a single machine. The causes can include unplugging of a cable from the server, exploiting an application bug, reaching system, network adapter or application limits, or a shortage of system resources, such as CPU, memory, hard drive space or IO operations. DoS occurs every time the attack causes service unavailability.
DRDoS - Distributed Reflection Denial of Service is an attack where the attacker sends packets with a SYN flag (to initialize a connection) to many servers while the victim's address is set as the target address - i.e., the address of the server subject to the attack.
Failover - we use this term to refer to an immediate (automatic) switch to back-up solutions in the event of failure of the primary elements, without the need for any interaction with the user.
FENIX - The FENIX project originated at the Czech peering node NIX.CZ in 2013 as a response to intensive DoS attacks which targeted major Czech media, banks and mobile operators in March of that year. The aim of the project is to ensure availability of Internet services for at least the participating entities in case of a DoS attack. Coolhousing has been a member of the secure FENIX network since January 2015.
Flow(s) shows the number of new TCP connections made during one second (Flows/s). Depending on the time and utilization of the server, the value would usually be in a certain range. A sudden rapid increase of this value is usually a result of a DoS attack on the server.
FreeBSD is an operating system based on UNIX. It is the most widespread operating system from the BSD family, and it is available for free. A repository of thousands of programs and third-party distributions exists for FreeBSD. BSD systems are usually deployed in situations that require higher security.
FTP (File Transfer Protocol) is a network protocol intended for transmission of files over the Internet network based on TCP (Transmission Control Protocol) and, therefore, it is an application layer protocol from the TCP/IP family. FTP is often used to upload files to hosting servers. To access FTP servers, it is necessary to have a client that supports this protocol, such as FileZilla, SmartFTP, Cyberduck, FireFTP, or Total Commander.
High-Availability is a system with high accessibility and resistance to failure.
Housing, Hosting (server housing, server hosting) is a service of placing the client’s server in the provider’s data centre. A provider leases the needed space to a client and provides him with all necessary conditions for the server’s correct operation. A client has to take care of the server’s hardware and the operating system. Servers are located in air-conditioned rooms with constant humidity, and they are connected to power supply sources that are outage resistant (UPS, diesel-aggregates). The 24/7 technical support and a client’s access to the server at any time are standard services.
HTTP (Hypertext Transfer Protocol) is the Internet protocol originally intended for exchange of hypertext documents between a server and a browser. HTTP is now used also for transmission of files, and it has other use as well. HTTP is the basis of communication for the World Wide Web (WWW) using the question → answer principle. HTTP sources are identified on the web and distinguished based on the URI (Uniform Resource Identifiers) or more likely URL (Uniform Resource Locator).
HTTPS (Hypertext Transfer Protocol Secure) is a combination of HTTP and the SSL/TLS protocol. An HTTPS connection is encrypted using a certificate that, at the same time, provides information on the server/domain identity. The HTTPS protocol is used for payment transactions, orders, when handling personal or other sensitive data, etc. Credibility of HTTPS connections is built on the existence of certification authorities (certificate issuers) trusted by Internet browser designers. If a website presents an invalid certificate, the majority of browsers would display a warning.
HW service means maintenance and repair of hardware, replacement of defective parts and guaranteeing of problem-free elimination of malfunctions of Managed and Dedicated servers.
IMAP (Internet Message Access Protocol) is one of the two most common Internet protocols for accessing e-mail boxes (POP3 is the other one). The protocol is supported by a wide range of e-mail clients. The IMAP protocol enables data synchronization between a client and a server and, therefore, it is possible to access the e-mail server from several locations, even simultaneously.
IP address (Internet Protocol Address) is a numerical address of each device in the Internet network. The IPv6 protocol with the 128-bit address width has been recently implemented. The widespread and used IPv4 protocol using 32-bit addresses can no longer provide enough addresses for all network devices.
IPMI is an abbreviation for Intelligent Platform Management Interface. This is a standardised interface for remote administration and control of servers via the network. Servers equipped with this module enable remote control in the same manner as if the administrator were physically present at the server.
IPSec or IP Security, is security extension of the IP protocol based on authentication and encryption of each IP datagram.
IPv4 (Internet Protocol version 4) is the fourth revision of this protocol and, at the same time, it is its first massively widespread version. IPv4 is a protocol that transmits data without guarantee. Data in the network is transmitted divided into packets, and their delivery or delivery order are not guaranteed. The data integrity control is provided only by the higher layer (the TCP protocol). So far, IPv4 has been the basis of the Internet communication.
IPv6 (Internet Protocol version 6) is a successor of IPv4. The basic advantage rests in a much larger address extent. That brings flexibility when assigning addresses, absence of necessary translation/sharing of network addresses because of insufficient address extent, etc. The prepared extent is very oversized, and it corresponds with 5×10^28 addresses for each of 6.5 billion people currently alive.
ISP provider (Internet Service Provider) is a name for a provider of connection to the Internet. In the past, most of the ISP providers were telecommunication companies. Currently, these services are also provided by other companies that have a wide range of technologies available, such as Wi-Fi, DSL, optical and coaxial cables, microwave relay systems, etc.
Kernel, i.e. the core of the operating system, operates system resources and communication between software and hardware. The kernel is responsible for work with three main computer components – a processor, memory, and peripherals. For the processor, it handles utilization; for memory, it handles allocation. Peripherals, such as keyboards, are operated by respective controllers implemented in the kernel.
KVM over IP (Keyboard, Video, Mouse over Internet Protocol) is a service that enables remote access to the server’s local console. You would welcome this service if, for example, network interface does not work on your server and, therefore, there is no access to the system using standard devices.
LAN (Local Area Network) is a name for a local computer network (e.g. in an office or home). The transmission speed is between hundreds of Mb/s and tens of Gb/s. The most commonly used technologies are Ethernet and Wi-Fi. The counterpart to the LAN network is the WAN network (Wide Area Network) that works in a large area. Every network consists of passive and active components. The active ones are, for example, a switch, router, and network card. The passive components are, for example, connecting cables, connectors, etc.
Linux is an operating system, usually with an open source code. The foundation of Linux was laid by Linus Torvalds, who released the first usable kernel of this operating system in 1991. Since that time, Linux has developed into a lot of distributions, and its various clones can be found in a wide range of devices, from specialized automatic devices, PCs, tablets, and mobile phones all the way to super computers. Popularity of Linux is enhanced by the fact that the majority of its distributions have been released under the GNU/GPL licence and, therefore, free of charge.
Malware (Malicious Software) is computer software intended to make a computer’s operation problematic, collect sensitive and personal information, gain unauthorized access, carry out electronic attacks, or similar – often illegal – activities. Creativity of malware developers, among which are also some state agencies, knows no limits. Malware, which we can encounter on the Internet basically anywhere, includes, for example, a Trojan horse, worm, virus, spyware, adware, rootkit, etc.
Managed server is a dedicated server provided with administration of the operating system and applications included. Therefore, a provider is responsible for the hardware and software components in the scope agreed in the contract.
Motherboard contains computer basic parts, such as buses, a memory controller, peripherals and discs, a processor base, memory slots, and slots for memory-expanding cards. A processor, memories, and a graphics card are inserted into the motherboard while other devices are connected via cables.
Microsoft Exchange is a proprietary mail system by Microsoft. It is usually implemented in large corporations. In addition to simple e-mails, it supports, for example, calendar sharing.
MySQL is relational database software. It is multi-platform, easy to implement and, therefore, the most wide-spread database system in the world. MySQL can be used for free under the GPL licence, or in the commercial variant that includes the manufacturer’s support.
NIX.CZ (Neutral Internet eXchange) is a special-interest association of legal entities established in 1996. The goal of this association of Internet providers has rested in building points where their networks could be interconnected, which is called peering. All members invest together in technologies and cover operating costs. General meetings and a lot of other meetings represent the ground for collective decisions made by members and clients, for which the association has organized frequent lectures. Currently, NIX.CZ operates five hubs in Prague.
Packet is a block of data transmitted within the network. From the aspect of network operation, a quantity of packets transmitted per second (pkt/s) is of consequence. A packet consists of a header (control data) and the transmitted information itself.
PostgreSQL is a relational database system with an open source code. It is distributed under the BSD licence that allows for use of an open, as well as closed code. PostgreSQL features the multi-platform operation.
Rack is a steel box, into which client’s devices are placed above each other. The most often used width of devices in a rack is 19” or approx. 45 cm. Vertically, a rack is divided into U units. Therefore, U represents the height of a device placed in a rack; the height of one U is 1.75” = 44.45 mm.
RAID (Redundant Array of Independent Disks) is an array made of two or more physical disk units. Disk arrays are created for the purpose of increasing performance of a disk subsystem and/or increasing resistance against errors. RAID can be controlled using a specialized controller (HW RAID) or a part of the operating system (SW RAID).
Redundancy is a label for at least two elements, which perform the same task. In the event of an outage or failure of a single element, the second/subsequent element in line automatically takes over the functions. A typical example of use of redundancy can be found with resources. One resource can fail, but the system, thanks to a second (redundant) resource, can continue running without interruption.
Router forms an interface between networks. Based on internal rules and the BGP protocol, it decides where (and if) it sends the respective packet. A regular computer equipped with the routing software can be utilized as a router as well. However, specialized devices fluctuating in their sizes from a home Wi-Fi box to backbone routers the size of a wardrobe with tens of network interfaces are used more often.
Server Housing - see Housing.
Server is a set of hardware devices (usually a computer), on which various Internet services, such as HTTP, FTP, SMTP server, etc., can be provided. Physically, as well as from the configuration aspect, a server can have various looks. Machines operating on the x86 platform in the rack or tower configuration are used most frequently.
Skids means an assembly set in a rack, which is essential for servers with a U design. The label "rails" is also used, since the server can be easily slid in and out with their help.
SLA (Service Level Agreement) is a contractual warranty defining an expected scope and level of services provided to a client. Such contract delineates sanctions for both parties if agreed obligations are not met.
SMTP (Simple Mail Transfer Protocol) is the most wide-spread protocol for transmission of the electronic mail (e-mails) over IP (Internet Protocol). SMTP is responsible for delivering e-mail to the addressee’s mailbox. Messages saved there can be read using the IMAP or POP3 protocols.
Smurf - This is an amplification attack where the spoofed packet with the victim's source IP is sent to the network broadcast address. For example, if you are a part of a network with the address 192.168.0.0 and mask 255.255.255.0, where 254 addresses can be active, you will receive 254 responses. Imagine the outcome of being in a network where there are for example 65 534 such addresses.
SPLA (Program Microsoft® Service Provider License Agreement) enables a provider to lease licensed Microsoft software for the purpose of providing services to end clients.
Spoofing – A piece of information with a false source is sent through the network to disguise the attacker's identity. Most frequently we encounter so-called ARP spoofing (forged ARP record) and IP spoofing (forged IP datagram).
Switch is an active network component that connects servers and individual network segments. A switch contains ports, to which individual devices are connected.
SYN flood - one of the simplest but also most dangerous attacks. SYN flood is an analogy of the Ping of Death attack, where thousands and thousands of counterfeit (spoofed) SYN packets are sent to a server, which usually runs out of memory or of backlog space to receive all the new connection requests. This prevents the server from handling connections of legitimate clients.
U (Unit) is a specification for a unit size in a rack stand. U is 1.75” = 44.45 mm.
Uplink (connection) is a server connectivity plug. Most often, it refers to the UTP cable with the RJ-45 terminal.
Virtualisation is a term used to describe procedures and techniques, which typically enable operation on one or more instances of an operating system on a single physical server. The performance of a single large physical server can be divided among smaller (virtual) servers, with each server functioning entirely on its own.
Virtual server (VPS – virtual private server) is a dedicated part of a physical server with its own installation of an operating system and services. One physical server (a cluster of servers) is divided into several virtual parts, which share devices of the physical server (cluster). This physical server (cluster) is marked as a virtualization server (NOD). During virtualization, emphasis is on virtual servers not affecting each other. For example, KVM by Red Hat is a suitable tool for virtualization of servers.
VMware is software by VMware, Inc., which enables virtualization of physical servers.
VPN (Virtual Private Network) is an encrypted connection organized over the Internet that is usually used for remote access to the internal network.
WAF - Web Application Firewall is a hybrid web application firewall solution that has been developed by Radware for protecting websites from various attacks.
Webhosting is a service for leasing space for operation of websites. It typically includes room for web files on a server, accessible via FTP, and database space.
Xen is open source software for virtualization of physical servers. It provides para-virtualization and virtualization with the hardware support.