Main menu


DDoS Attack and Passive SEO

What is Passive Search Engine Optimization (SEO)

Business owners worry about marketing their business, so they take steps to make it visible to target markets online. But that may be the least of their worries, because unscrupulous competitors are coming out of nowhere and attacking their SEO rankings or banning them from Google search engines for violations.

Negative SEO has been a topic in almost all online marketing forums where inquiries are asked to see if competitors are able to attack your website with such ferocity. Recent experiences have shown that negative strategies can negatively affect both your SEO ranking and Google’s acceptance rating, contrary to what was said earlier.

Google has come up with security measures on its own to ensure that search engine rankings are not tampered with by website owners. The punishment is harsh – it gets banned from the Google search index immediately. Negative SEO practices include using many backlinks pointing to the target site to mislead Google’s algorithm and manipulate SEO rankings.

When Google’s crawlers find your site with an abundance of questionable backlinks, they do the obvious thing – punish you by taking you out of Google’s rankings. Most of the high authority websites – your local chamber of commerce, local education websites, trade organizations, charities, television and news programs you may not have to worry about. These sites have so much power that no amount of negative attacks can stop them from Google.

However, small businesses and website owners are usually more vulnerable to such an attack. There are several classic ways on how to do this:

1. When you talk about negative SEO, you are most likely to think of: spammers and competitors whose desire is to lower your ranking or get you out of Google search engines. They can do this by using malware, hacking or injection. Intrusive hackers may find vulnerabilities in FTP logins for security so that they can easily attack them.

Hackers may come and pump up spam or unwanted links to change your location. Another example is spammers modifying your text file to block Google’s crawlers or restrict the Internet Protocol (IP) to a specific domain. What will happen next is that you will be taken out of search engines and more likely to infect visitors with malware and viruses, unless the security holes are patched.

2. The most ferocious and biggest method attackers are using at the moment is to direct infamous links to your website. This issue has been discussed in a number of forums, as it has been observed that a number of sites offering negative SEO services have appeared at the moment. These sites have managed to get rid of a lot of ratings from a number of small businesses. Being exposed to this kind of strategy might not get you banned from Google right away, but it can definitely pull your ranking status a few stairs down.

What can you do?

1. It may be a good idea to review which sites are linking to your website. You can leave it or remove it if you are not satisfied with the quality of the sites.

2. You must have strong brand signals to begin with: a good brand name, good links, well-written press, high metrics, lots of people searching your website – it will protect you from negative SEO campaigns.

3. Your website must have a solid foundation and be equipped with the necessary metrics tool to monitor illegal play. Playing the field above the board by being honest in your dealings with Google can go a long way. Google has devised an update to the Penguin algorithm and Google Webmaster Tool to identify patterns that tend to engage with links. Obviously, it is difficult for them to determine if a site has serious issues of its own or a competitor is using negative SEO.

4. Hence, as a website owner, knowing these controversies should help you enhance your awareness of the issues facing negative SEO. These will also help maintain your long-term presence in the market and maintain your well-deserved Google ranking as well.

What is a distributed denial of service (DDoS) attack?

DDoS is an attack on a network resource by making it unavailable to its intended users. The motive will generally be to disable the hosting services of the service provider either temporarily or indefinitely to damage the business. The targets of these attacks are usually high-resolution web servers such as banks, credit card companies, and root name servers. It is usually carried out by disaffected competitors and as a tool of the resistance movement. It is sometimes referred to as the “Internet Street Protest” as stated by Richard Stallman, a computer programmer and well-known activist in the Free Software Freedom Movement.

There are many DDoS attacks that are able to bring networks to their knees. Among the most common are the following:

1. Flooding the site with useless traffic or communications that render the site unable to respond to legitimate inquiries. This is known as a SYN flood attack. An attacker can flood the server with TCP/CYN without acknowledging the server’s CYN response. The result is that the session table is filled with session queries making it unable to accept legitimate queries to connect until the idle timer goes off.

2. ICMP Flood Attack – Similar to CYN Flood Attack. The only difference is that the attacker dumps a large number of ICMP echo requests with a fake IP address. This has caused a lot of sleepless nights for network administrators in the past, as they were among the first to be “killed” by using several methods.

3. UDP Flood Attack – This is similar to an ICMP attack, except that IP packets containing a UDP datagram are used against their victims.

4. Ground attack – The attacker uses the IP address of the victim as the source and destination. If the victim is not aware of the attack, they may end up trying to contact it and deadlocking loop until it hits the idle timeout value.

5. Teardrop attack – This is a type of fragmentation and IP packet reassembly attack in which an attacker can send fragmented IP packets. These packages contain nested fragment compensation to exhaust the victim’s resources in recompiling.

6. Ping of Death – a form of ICMP that causes a system crash. The attacker sends an IP packet containing more than 65,507 bytes of allowed data which causes the system to crash.

What do I do?

Regardless of the type of DDoS attack, current technologies fall short of mitigating the damage they can destroy at any time. Some of the techniques used have not been improved to counter the increasing sophistication of attacks we see today. Firewalls are primitive forms of preventing such incidents but are not specifically designed to protect internal system from the more advanced types today. Other strategies such as excessive provisioning do not guarantee complete protection against large, nefarious attacks, and are too costly as a DDoS prevention strategy.

Businesses with an online presence can invest in DDoS protection. This type of protection may have a cost of its own to implement. However, a DDoS solution may have compelling reasons in terms of future revenue streams if comprehensive protection solutions are put in place. It is imperative that large corporations, government units and service providers among others, protect the integrity of their business operations as a matter of company policy and as a means of market survival.


table of contents title