
What is Distributed Denial of Service (DDoS)


Atalay Kelestemur
January 9, 2023

DDoS stands for “Distributed Denial of Service”, an attack aimed at a target that prevents the system from serving and prevents users from accessing it. Each system has a volume of network traffic that it can handle. When attackers overload these resources, system services slow down, and the services provided by the system may even collapse completely.


Table of Contents

  • History of DDoS attacks
  • Typical targets of DDoS attacks
  • How does a DDoS attack work?
  • Symptoms of a DoS/DDoS attack
  • Main types of DoS/DDoS attacks
    • Volume-based DDoS
    • Protocol-based DDoS
    • Application Layer DDoS
  • Common DoS/DDoS attack types
    • HTTP Flood
    • UDP Flood
    • ICMP Flood
    • Ping of Death
    • Syn Flood
    • TearDrop
    • Smurf
    • DNS Poisoning
  • DoS and DDoS attack prevention methods

History of DDoS attacks

The first DoS attack was carried out by a high school student in 1974, and the first DDoS attack was carried out in 1999 against the University of Minnesota using a tool called Trinoo. DoS and DDoS attacks are not intended to infiltrate the system but to disrupt the services it provides. The target of the attack suffers material and moral damage for as long as the service is disrupted. These attacks are also frequently used in international cyber wars.

Nowadays these attacks have become very easy to carry out. They can be launched with simple tools that are easily accessible. With the help of these tools, not only a hacker but also a script-kiddie may generate DDoS attacks on the victim. There are also several websites that provide DDoS services for penetration testing and development companies. But these services may be used maliciously, which may result in a DDoS attack.


Typical targets of DDoS attacks

DDoS (Distributed Denial of Service), on the other hand, denotes that the attack is initiated from a number of different sources rather than a single source. DDoS attacks are more successful than DoS attacks. Since the attack reaches the target from multiple sources, it is difficult to identify the main source. To perform DDoS attacks, botnets consisting of remote-controlled devices called zombies are used.

These zombie computers are electronic devices taken over by hackers and used for the attackers' purposes. The sources are infected with a Trojan that is used to target a single system, causing a DoS attack. A network of infected computers, controlled as a group without the owners’ knowledge, is known as a Botnet. An infected computer in a Botnet is called a Zombie Computer.

DDoS attacks may target several infrastructures. The attacks may target a bank, a governmental institution, a school, or a rival company. The following is the list of most common DDoS attack targets:

  • Online banking systems
  • Internet shopping sites
  • Online casinos
  • E-Government services
  • Universities
  • Rival organizations
  • All businesses or organizations based on providing online services

How does a DDoS attack work?

The number of requests that network resources, such as Web servers, can simultaneously serve is limited. In addition to the server’s capacity limit, the channel that connects the server to the Internet has a limited bandwidth/capacity. Each time the number of requests exceeds the capacity limit of any component in the infrastructure, the service level will likely encounter one of the following issues:

  • Responses to requests are much slower than usual.
  • Some (or all) user requests can be completely ignored.

Generally, the attacker’s main purpose is to completely prevent the normal operation of the web resource, that is, to cause a full “denial of service”. An attacker can also demand money to stop the attack. In some cases, the DDoS attack may also be an attempt to damage a competitor’s reputation or business.


Symptoms of a DoS/DDoS attack

Although it is hard to find the source of a DDoS attack, some symptoms let the relevant people and systems understand that an attack is under way. New generation security devices are better at detecting anomalies in the network traffic. You can also conclude that there is a DDoS attack if the following symptoms exist:

  • System speed is slower than normal or becomes unusable
  • Unusual system network traffic
  • Excessive UDP, SYN and GET / POST requests

Main types of DoS/DDoS attacks

Generally speaking, DoS and DDoS attacks can be divided into three types:

Volume-based DDoS

Request packets are sent at a volume above the server’s bandwidth. Volume-based DDoS includes UDP floods, ICMP floods, and other spoofed-packet floods. Measured in Bits per second (Bps).

Protocol-based DDoS

A protocol-based DDoS attack is performed using vulnerabilities in Layer 3 and Layer 4 of the OSI model. This type of attack consumes server resources. Measured in Packets per second (Pps).

Application Layer DDoS

An application layer DDoS attack is performed using vulnerabilities of the services in the application layer, which is the 7th layer of the OSI model. Measured in Requests per second (Rps).


Common DoS/DDoS attack types

Now you know what a DoS/DDoS attack is and the three types of DDoS attack. The common DoS/DDoS attack types are listed below:

HTTP Flood

The attacker strains the system by continuously sending GET or POST requests to the target page. HTTP floods do not use malformed packets, spoofing or reflection techniques. This type of attack also requires less bandwidth than other attacks.

UDP Flood

A UDP flood attack is performed using the UDP protocol. An attacker sends a large number of UDP packets to the ports of a computer. The target computer checks whether each port is in use and responds with an ICMP packet if it is not. A large number of ICMP packets are therefore sent in response to a large number of UDP packets.

ICMP Flood

ICMP request packets are sent to the target system, and a response is expected from it. This forces the system to respond to a large number of requests. Similar to the UDP flood attack, an ICMP flood wastes the target's resources with ping packets.

Ping of Death

The attacker sends multiple malformed or malicious pings to the target. The aim is to disrupt the target machine by sending a packet larger than the maximum allowed size. Ping of death slows down the target system by sending the large ICMP request packet. The attack may result in freezing or a crash.

Syn Flood

The TCP protocol establishes a connection with a three-way handshake. The client indicates that it wants to establish a connection by sending a SYN message to the server. The server accepts this message by sending a SYN-ACK message. The client then completes the connection by sending an ACK message. In a SYN flood attack, the ACK message that the server is waiting for is never sent. Requests increase continuously and the system can no longer accept connections.
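The handshake described above can be watched from the server side: every SYN that is never followed by its ACK leaves a half-open connection behind. The sketch below is an added example, not code from the original article; the event format, the timeout and the per-source limit are assumptions chosen for illustration, and the sample events are constructed.

```python
from collections import Counter

# Constructed sample: (time_s, client_ip, client_port, tcp_flag) as seen by the
# server. Addresses come from the documentation ranges; none are real hosts.
EVENTS = [
    (0.0, "198.51.100.7", 40001, "SYN"),
    (0.1, "198.51.100.7", 40001, "ACK"),   # normal client: handshake completed
    (1.0, "203.0.113.9", 51000, "SYN"),    # one slow or lost client
] + [(2.0 + i * 0.01, "192.0.2.50", 1024 + i, "SYN") for i in range(5)]


def half_open_report(events, now, timeout=5.0, per_source_limit=3):
    """Return (stale_half_open_count, suspect_sources).

    A connection is half-open when its SYN was seen but the final ACK was not.
    It counts as stale once it has waited at least `timeout` seconds.
    """
    pending = {}  # (ip, port) -> time the first SYN was seen
    for ts, ip, port, flag in sorted(events, key=lambda e: e[0]):
        if flag == "SYN":
            pending.setdefault((ip, port), ts)
        elif flag == "ACK":
            pending.pop((ip, port), None)   # handshake finished, slot released

    stale = [key for key, ts in pending.items() if now - ts >= timeout]
    per_source = Counter(ip for ip, _port in stale)
    suspects = sorted(ip for ip, n in per_source.items() if n >= per_source_limit)
    # With spoofed sources the per-source list stays empty, so the total is
    # the figure to alert on.
    return len(stale), suspects


if __name__ == "__main__":
    print(half_open_report(EVENTS, now=10.0))
```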

TearDrop

In the UDP protocol, packets are fragmented, numbered with offsets, and sent to a system, which reassembles them according to the offset values. These offset values should not overlap. If they conflict, the system may be unable to process the packets. In the Teardrop attack, fragments are sent with overlapping offsets.
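The rule that offsets must not overlap is something the receiver can enforce before it copies any data. The following reassembly routine is an added example, not code from the original article; it assumes fragments arrive as (byte offset, payload, more-fragments flag) tuples and uses constructed sample data. IPv4 expresses fragment offsets in 8-byte units, while the sketch uses plain byte offsets.

```python
def reassemble(fragments):
    """Join (offset, payload, more_fragments) tuples into one datagram.

    Raises ValueError instead of copying data when offsets overlap, leave a
    gap, or when the final fragment is missing or misplaced.
    """
    if not fragments:
        raise ValueError("no fragments")
    ordered = sorted(fragments, key=lambda f: f[0])
    finals = [f for f in ordered if not f[2]]
    if len(finals) != 1 or ordered[-1][2]:
        raise ValueError("expected exactly one final fragment, at the highest offset")

    data = bytearray()
    for offset, payload, _more in ordered:
        if offset < len(data):
            raise ValueError(
                f"overlap: fragment at {offset} starts inside data ending at {len(data)}")
        if offset > len(data):
            raise ValueError(f"gap: bytes {len(data)}..{offset} are missing")
        data += payload
    return bytes(data)


def check(fragments):
    """Return (datagram, None) on success or (None, reason) on rejection."""
    try:
        return reassemble(fragments), None
    except ValueError as exc:
        return None, str(exc)


# Constructed samples: a well-formed pair delivered out of order, and a pair
# whose second fragment starts inside the first one.
GOOD = [(7, b"WORLD", False), (0, b"HELLO, ", True)]
OVERLAPPING = [(0, b"A" * 24, True), (16, b"B" * 8, False)]

if __name__ == "__main__":
    print(check(GOOD))
    print(check(OVERLAPPING))
```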

Smurf

Ping request packets are sent to the network’s directed broadcast address, which forwards them to all devices on the network. The return address of the ping request packets is changed to the IP address of the target. All devices on the network then send ping packets to the target device. This ensures that both the attack and the identity of the attacker are hidden.

DNS Poisoning

DNS is the service that matches a website's name to the IP address needed to access it. The attacker harms the victim by corrupting the matching for the website to be accessed, using malicious data he has prepared, and directing the victim to another IP address.


DoS and DDoS attack prevention methods

As these attacks are now very simple to carry out, they are an important threat to organizations and systems. Although there is no definite method to prevent these attacks, especially DDoS attacks, precautions should be taken to alleviate them, and the network infrastructure of the system should be configured properly. It is more important to take pre-attack measures and to detect attacks early.

  • Use a firewall and antivirus software or hardware
  • System updates should be made in a timely manner
  • Network traffic must be monitored, and network devices should be configured for exceptional situations.
  • For routers, methods such as rate-limiting, blocking false and corrupted packets, and determining threshold values for SYN, ICMP and UDP packets can be applied
  • Bandwidth should be higher than the institution needs
  • For large organizations, a Content Distribution Network (CDN), which stores data across multiple servers around the world, can be used.
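Rate-limiting with per-protocol thresholds, as recommended for routers above, is commonly built on a token bucket: each packet type has a sustained rate and a burst allowance, and packets beyond that are dropped. The same counters expose the "excessive UDP, SYN" symptom listed earlier. This is an added example, not code from the original article; the limits and the packet trace are assumed, constructed values.

```python
from collections import Counter

# Assumed thresholds: packet type -> (packets per second, burst size).
LIMITS = {"SYN": (5, 10), "ICMP": (2, 4), "UDP": (10, 20)}


class TokenBucket:
    """Token bucket in integer milli-tokens, so the results are exact."""

    def __init__(self, rate_per_s, burst):
        self.rate, self.cap = rate_per_s, burst * 1000
        self.tokens, self.last_ms = self.cap, 0

    def allow(self, now_ms):
        # One millisecond at `rate` packets/s refills `rate` milli-tokens.
        refill = (now_ms - self.last_ms) * self.rate
        self.tokens = min(self.cap, self.tokens + refill)
        self.last_ms = now_ms
        if self.tokens >= 1000:
            self.tokens -= 1000
            return True
        return False


def police(packets, limits=LIMITS):
    """Apply the limits to (time_ms, packet_type) records.

    Returns (passed, dropped) as dicts of counts per packet type. Types
    without a configured limit are passed through unchanged.
    """
    buckets = {kind: TokenBucket(*cfg) for kind, cfg in limits.items()}
    passed, dropped = Counter(), Counter()
    for now_ms, kind in sorted(packets):
        bucket = buckets.get(kind)
        if bucket is None or bucket.allow(now_ms):
            passed[kind] += 1
        else:
            dropped[kind] += 1
    return dict(passed), dict(dropped)


# Constructed one-second trace: an ICMP packet every 10 ms (100 in total)
# mixed with a handful of ordinary SYN and UDP packets.
TRACE = [(t, "ICMP") for t in range(0, 1000, 10)]
TRACE += [(100, "SYN"), (400, "SYN"), (700, "SYN"), (200, "UDP"), (600, "UDP")]

if __name__ == "__main__":
    print(police(TRACE))
```

A sustained drop count for one packet type is also a usable alert signal for the monitoring recommended in the list above.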

Atalay Kelestemur

Atalay Kelestemur is the Editor-in-Chief of Cloud7. Also, he is the Program Manager of AlmaLinux OS, an open-source, community-driven Linux operating system. He was most recently the chief editor of T3. Prior to that, he was the managing editor of BYTE. He also served as a software editor in PC World. Atalay Kelestemur has covered the technology industry since 1996, publishing articles in PC Net, IT Pro, Computer World, PC Life, CyberMag, and CIO magazines. Atalay Kelestemur is an information system security professional and his area of expertise includes Linux security, penetration testing, secure software development, malware removal, and computer forensics. Atalay Kelestemur is the author of Pardus 2011, Ubuntu, Windows 8, and Siber Istihbarat (Cyber Intelligence). Atalay graduated with a Bachelor's Degree in Maritime from Istanbul Technical University. He earned a master's degree in political science from Gedik University, where he wrote his thesis on The Importance of Cyber Intelligence on Public Security. Now he is working on his Ph.D. thesis on international trade, covering the cybersecurity threats and countermeasures on the maritime industry.
