What Is a DDoS Attack and Its Different Types
Cases of distributed denial of service (DDoS) attacks have become all too common these days. Quite a few banks in the United States have been targeted by such attacks. Wondering whether you have ever experienced such an attack, or what it is? I am going to explain what a DDoS attack is and how to prevent it.
What Is a DDoS Attack
Have you ever visited a website that usually performs well but is at times far slower than its reputation suggests? The website may have been affected by a DDoS attack. As the name suggests, the attack creates a scenario where a service is denied to a user. In this case, it is access to the website that is denied to the users. So now the question is, who would do it?
The answer is straightforward. A DDoS attack will usually be attempted by a hacker or a competitor website to ensure that the affected website is unable to provide its services and that the users or the traffic are diverted to the attacker’s website.
A DDoS attack eats up the resources of a server or a network to such an extent that the network just gives up. This is usually done by sending huge volumes of bot-generated traffic to the target. As a result, a genuine user is not able to access the services.
The mode of attack may differ, but the basic methodology remains the same. The mode of attack depends on the intent of the attacker. Some attackers may target individual users only, while others may directly target the server. On occasion, it is also done just by interrupting the connection between two servers that are associated with each other.
Types of DDoS Attacks
DDoS attacks are classified into different categories depending on their modus operandi.
UDP Flood
A UDP flood is a type of DDoS attack in which the attacker overloads the victim server with User Datagram Protocol (UDP) packets. The objective of such an attack is to block the ports on a remote host. The victim server repeatedly searches for applications associated with the datagrams, and when it finds none it returns a “Destination Unreachable” packet. As the volume of such datagrams increases, the system becomes overloaded and unresponsive to genuine users.
SYN Flood
A SYN flood is an attack that takes advantage of a well-known weakness in the TCP connection sequence. In a typical exchange, the server receives a SYN request and returns a SYN-ACK response. The recipient of the SYN-ACK then sends back an acknowledgment. In a SYN flood, the attacker sends a plethora of such requests from false IP addresses and never sends back an acknowledgment. The host keeps waiting for the response to each SYN-ACK, resulting in a denial of service.
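The half-open state described above is what a defender can measure. The following is an added example, not part of the original article: it replays constructed handshake events and counts connections that received a SYN-ACK but never returned the final ACK. The event format, addresses, timeout and alert threshold are all assumptions chosen for illustration.

```python
from collections import Counter

# Constructed sample of handshake events seen by a server: (time_s, client_ip, client_port, flag).
# "SYN" and "ACK" are received from the client; "SYN-ACK" is the server's reply.
EVENTS = [
    (0.00, "198.51.100.7", 51000, "SYN"),
    (0.01, "198.51.100.7", 51000, "SYN-ACK"),
    (0.02, "198.51.100.7", 51000, "ACK"),   # normal client completes the handshake
    (9.50, "198.51.100.9", 51001, "SYN"),   # recent SYN, still inside the timeout
    (9.51, "198.51.100.9", 51001, "SYN-ACK"),
]
# Five SYNs from different (spoofed-looking) sources that never send the final ACK.
for i in range(5):
    EVENTS.append((1.0 + 0.1 * i, f"203.0.113.{i + 1}", 40000 + i, "SYN"))
    EVENTS.append((1.0 + 0.1 * i, f"203.0.113.{i + 1}", 40000 + i, "SYN-ACK"))


def half_open(events, now, timeout=3.0):
    """Return {(ip, port): syn_time} for handshakes with no ACK after `timeout` seconds."""
    pending = {}
    for t, ip, port, flag in sorted(events):
        if flag == "SYN":
            pending[(ip, port)] = t
        elif flag == "ACK":
            pending.pop((ip, port), None)
    return {k: t for k, t in pending.items() if now - t >= timeout}


def assess(events, now, timeout=3.0, max_half_open=3):
    """Summarise handshake state; thresholds are illustrative assumptions."""
    stale = half_open(events, now, timeout)
    per_source = Counter(ip for ip, _ in stale)
    return {
        "syn_total": sum(1 for e in events if e[3] == "SYN"),
        "half_open": len(stale),
        "busiest_source": max(per_source.values(), default=0),
        "alert": len(stale) > max_half_open,
    }


if __name__ == "__main__":
    print(assess(EVENTS, now=10.0))
```

Because the source addresses are false, no single address stands out (`busiest_source` stays at 1), so the alert is keyed on the total number of half-open connections rather than on a per-address count.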
Ping Flood or ICMP
An ICMP flood, or ping flood, is like a UDP flood. The attacker here sends a large number of ping echo requests simultaneously. The attack is designed to keep sending requests without waiting for a response. Such a bombardment of requests consumes the network’s bandwidth for incoming as well as outgoing requests. The result is the same: the service becomes unavailable.
HTTP Flood
This is the most common of all DDoS attacks. It sends a large number of HTTP requests that look like valid requests. The objective of such attacks is to eat up the server’s resources. Yet again, legitimate users are unable to access the service and are denied it.
Ping of Death
A ping of death abuses the IP protocol. The modus operandi of such an attack is to send malicious pings to a target system. This type of attack is less common today but was very popular about a decade ago.
Smurf Attack
Smurf attacks target the IP address and ICMP (Internet Control Message Protocol). Thus, by nature, a Smurf attack resembles a ping flood. Its potential to cause damage is multiplied because, apart from sending multiple pings, it also sends a piece of malware called Smurf.
Slowloris
A Slowloris attack’s main target is the web server. Once it gets hold of the target, it keeps the connection open for the maximum duration possible and keeps on flooding HTTP requests. Such attacks are very popular amongst hackers.
Application Level Attacks
These are usually less effective and slower in nature. This attack identifies the vulnerabilities in the server and sends a swarm of GET and POST requests. Because these requests are camouflaged as legitimate requests, they have no trouble getting through. The higher the number of requests per second, the sooner this attack will attain its objective of crashing the web server.
NTP Amplification
In these attacks, the attacker abuses public Network Time Protocol (NTP) servers. This attack also sends UDP traffic; however, there is amplification as well. This means that the response from the server is not proportionate to the number of requests. Such attacks can cause real carnage.
Advanced Persistent DoS
This is a favorite of attackers who like to deliver a bloodbath. It combines different types of attacks and bombards the servers constantly. Such an attack lasts a long time and can have long-lasting effects as well.
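The disproportion between request and response size is something an operator of a time server can check for in flow data. The following is an added example, not part of the original article: it totals the bytes each client sent to and received from the server and lists clients whose replies far outweigh their requests. The flow record layout, addresses, byte counts and the 2.0 threshold are constructed assumptions.

```python
from collections import defaultdict

NTP_PORT = 123
SERVER = "192.0.2.53"  # constructed address of the NTP server being monitored

# Constructed UDP flow records: (src_ip, src_port, dst_ip, dst_port, bytes).
FLOWS = [
    ("198.51.100.5", 50123, SERVER, NTP_PORT, 90),      # ordinary time query
    (SERVER, NTP_PORT, "198.51.100.5", 50123, 90),      # reply of similar size
    ("198.51.100.20", 40001, SERVER, NTP_PORT, 90),     # small requests whose source
    ("198.51.100.20", 40002, SERVER, NTP_PORT, 90),     # address may be forged ...
    (SERVER, NTP_PORT, "198.51.100.20", 40001, 4400),   # ... draw much larger replies
    (SERVER, NTP_PORT, "198.51.100.20", 40002, 4400),
]


def amplification_by_client(flows, server, port=NTP_PORT):
    """Bytes sent to each client divided by bytes received from that client."""
    req, resp = defaultdict(int), defaultdict(int)
    for src, sport, dst, dport, nbytes in flows:
        if dst == server and dport == port:
            req[src] += nbytes
        elif src == server and sport == port:
            resp[dst] += nbytes
    return {c: resp[c] / req[c] for c in req if req[c]}


def reflection_suspects(flows, server, max_factor=2.0):
    """Clients whose replies exceed `max_factor` times their requests (assumed threshold)."""
    factors = amplification_by_client(flows, server)
    return sorted(c for c, f in factors.items() if f > max_factor)


if __name__ == "__main__":
    print(amplification_by_client(FLOWS, SERVER))
    print(reflection_suspects(FLOWS, SERVER))
```

A "client" flagged here is more likely the victim than the sender, since the replies go to whatever source address the requests carried.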
Zero Day DDoS
This is the term given to attacks that target vulnerabilities for which a patch has not yet been identified.
Now that you know the different types of DDoS attacks, you must be wondering how to prevent them. Of course, I am on my way to writing a post on the prevention of DDoS attacks and will add a link to this post.
Update 6th Feb: Here is the post on prevention of DDoS attacks.