Just call it an internal DoS attack

If unnecessarily heavy workloads are hitting your SQL box, it's time to start treating them like inside hacking jobs

I often see shops with heavy reports hitting their database boxes, with little recourse for the admins. When the DBA tries to improve the SQL in those reports, he or she frequently meets with resistance from the business units because as long as the data returns, no one else cares how long it takes.

That's not only a common response, but it's also pretty disturbing because it shows a huge lack of understanding from people who are supposed to be data professionals. The more of these reports reside on your server, the more they drag down your resources. Before you know it, you can't get anything done, and not even simple queries get through. I've seen boxes that were so slammed from this type of activity that the DBA couldn't get in to see what the problem was.


Let me break this down in terms that most of you can understand. When someone runs code against your server that maxes out its resources so that it stops fulfilling requests, the result is a DoS (denial of service) attack. It's a common technique among hackers who want to bring down Web servers.


It's a clever attack that doesn't try to circumvent security or take control of the server. It just tries to inundate the server with fake requests so that it doesn't have time to do legitimate work. When hackers line up several servers for this purpose, it's called a coordinated DoS attack.

Well, guess what -- when your staff writes horrendous code against your SQL box, they're performing a coordinated DoS attack. It's, in essence, an internal hacking situation, and those reports need to be killed and the management informed right away. Believe me, if you went to the IT director with news that your SQL box is unresponsive because of a coordinated DoS attack and you've traced its origins, he'll listen.
