WHAT IS A DDOS ATTACK?

by pamelapatterson1983


A denial of service (DoS) attack is an attempt to cause harm by making a target system, such as a website or application, unavailable to ordinary end users. Typically, attackers generate a large number of packets or requests that ultimately overwhelm the target system. In a distributed denial of service (DDoS) attack, the attacker uses many compromised or controlled sources to generate the traffic.

In general, DDoS attacks can be classified by the level of the Open Systems Interconnection (OSI) model at which the attack occurs. Attacks at the network level (level 3), transport level (level 4), presentation level (level 6) and application level (level 7) are the most common.

Classification of DDoS Attacks

When considering methods to prevent such attacks, it is useful to divide them into two groups: infrastructure-level attacks (levels 3 and 4) and application-level attacks (levels 6 and 7).

Infrastructure level attacks

Infrastructure-level attacks usually include attacks at levels 3 and 4. This is the most common type of DDoS attack and includes vectors such as SYN floods and other reflection attacks such as UDP floods. Such attacks are usually large in volume and aim to exhaust network bandwidth or the capacity of application servers. However, this type of attack has clear signatures and is therefore easier to detect.

Application level attacks

Attacks at the application level usually include attacks at levels 6 and 7. These attacks are less common, but they are more sophisticated. As a rule, they are smaller in volume than infrastructure-level attacks, but they target specific expensive parts of the application and make it unavailable to real users. Examples include a flood of HTTP requests to a login page, an expensive search API, or even WordPress XML-RPC floods (also known as WordPress pingback attacks).

Methods of protection against DDoS attacks

Protecting yourself from DDoS attacks is not as easy as protecting yourself with VeePN VPN, but you make the attacker's task harder if you adhere to the following rules:

1. Decrease attackable areas

One of the first methods of mitigating DDoS attacks is to minimize the surface area that can be attacked. This limits the options available to attackers and lets you build protection in a single, centralized place. You must ensure that the application or its resources are not exposed to ports, protocols, or applications from which no communication is expected. In some cases, this can be achieved by placing your computing resources behind content distribution networks (CDNs) or load balancers and restricting direct Internet traffic to certain parts of your infrastructure, such as database servers.
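One way to check a host against this rule, as an added example that is not part of the original article: it parses the output of `ss -tlnH` (listening TCP sockets) and reports ports bound to a wildcard or public address that are not on an allowlist. The sample output, the allowlist, and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample of `ss -tlnH` output; not taken from a real host.
SAMPLE_SS = """\
LISTEN 0 511  0.0.0.0:443    0.0.0.0:*
LISTEN 0 128  0.0.0.0:22     0.0.0.0:*
LISTEN 0 244  0.0.0.0:5432   0.0.0.0:*
LISTEN 0 128  127.0.0.1:6379 0.0.0.0:*
LISTEN 0 511  [::]:443       [::]:*
LISTEN 0 128  10.0.1.5:9100  0.0.0.0:*
"""

# Assumed policy: only these ports are meant to face the Internet.
PUBLIC_ALLOWLIST = {443}


def parse_listeners(ss_output):
    """Yield (address, port) for each LISTEN line of `ss -tlnH` output."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop brackets and interface scope
        if host == "*":
            host = "::"  # ss prints "*" for a dual-stack wildcard bind
        yield ipaddress.ip_address(host), int(port)


def exposed_ports(ss_output, allowlist):
    """Return sorted ports reachable from outside that are not allowlisted."""
    findings = set()
    for addr, port in parse_listeners(ss_output):
        # Loopback and RFC 1918 binds are treated as internal; wildcard binds are not.
        internal = addr.is_loopback or (addr.is_private and not addr.is_unspecified)
        if not internal and port not in allowlist:
            findings.add(port)
    return sorted(findings)


if __name__ == "__main__":
    for port in exposed_ports(SAMPLE_SS, PUBLIC_ALLOWLIST):
        print(f"port {port} listens on a public or wildcard address but is not allowlisted")
```

On the constructed sample this flags the SSH and database listeners, the kind of service the paragraph above says should sit behind a load balancer or be restricted from direct Internet traffic.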

2. Scaling plan

The two main elements of mitigating large-scale DDoS attacks are bandwidth (or transit capacity) and server performance sufficient to absorb and mitigate attacks.

Transit capacity. When designing applications, make sure that your hosting provider offers ample, redundant Internet connectivity that lets you handle large volumes of traffic. Since the ultimate goal of DDoS attacks is to affect the availability of resources or applications, you should place them close not only to end users but also to large Internet exchange points, which can easily give your users access to the application even during high volumes of traffic. Web applications offer further options. In this case, you can use content distribution networks (CDNs) and smart DNS resolution services, which add another layer of network infrastructure for serving content and resolving DNS queries from locations that are often closer to end users.

Server performance. Most DDoS attacks are volumetric and consume a lot of resources, so it is important to be able to quickly scale your computing resources up or down. This can be achieved by running on larger computing resources or on resources with special features, such as more capable network interfaces or enhanced networking, that support the processing of large volumes of traffic. In addition, load balancers are often used to continually monitor and shift loads between resources and to prevent any single resource from being overloaded.

3. Typical and atypical traffic details

Whenever an increase in the volume of traffic arriving at a host is detected, the maximum amount of traffic that the host can process without compromising its availability can be taken as the baseline, and only that much traffic is accepted. This concept is called rate limiting. More advanced protection methods go further and accept only legitimate traffic by analyzing individual packets. To use such tools, you need to determine the characteristics of the good traffic that the target usually receives and be able to compare each packet against this baseline.
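A sketch of the rate limiting described above, as an added example that is not part of the original article: each source gets its own token bucket, and all sources share one bucket sized to what the host can process. The class names, thresholds and traffic are assumptions made for illustration.

```python
from collections import defaultdict

COST = 1000  # one request costs 1000 milli-tokens; integer math avoids float drift


class TokenBucket:
    """Admits `rate` requests per second on average, with bursts up to `burst`."""

    def __init__(self, rate, burst):
        self.rate, self.cap = rate, burst * COST
        self.tokens, self.last_ms = self.cap, None

    def allow(self, now_ms):
        if self.last_ms is not None:
            # `rate` tokens per second equals `rate` milli-tokens per millisecond.
            self.tokens = min(self.cap, self.tokens + (now_ms - self.last_ms) * self.rate)
        self.last_ms = now_ms
        if self.tokens >= COST:
            self.tokens -= COST
            return True
        return False


class HostRateLimiter:
    """Per-client buckets under one shared bucket sized to host capacity."""

    def __init__(self, host_rate, host_burst, client_rate, client_burst):
        self.host = TokenBucket(host_rate, host_burst)
        self.clients = defaultdict(lambda: TokenBucket(client_rate, client_burst))

    def allow(self, client, now_ms):
        # Client check first, so a noisy source cannot spend the shared capacity.
        return self.clients[client].allow(now_ms) and self.host.allow(now_ms)


def replay(events, limiter):
    """Return {client: [accepted, rejected]} for (timestamp_ms, client) events."""
    stats = defaultdict(lambda: [0, 0])
    for now_ms, client in events:
        stats[client][0 if limiter.allow(client, now_ms) else 1] += 1
    return dict(stats)


# Constructed traffic: one source sends 200 requests in 2 s, another sends 1 per second.
EVENTS = sorted([(i * 10, "198.51.100.7") for i in range(200)]
                + [(i * 1000, "203.0.113.20") for i in range(3)])

if __name__ == "__main__":
    print(replay(EVENTS, HostRateLimiter(100, 100, 5, 10)))
```

The shared bucket is what matters for a distributed attack, where every source stays under its own limit but the sum exceeds host capacity. In production the per-client table also needs expiry, since traffic from many source addresses grows it without bound.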
