What is a Distributed Denial of Service (DDoS) attack?
Distributed Denial of Service is a type of cyber attack that is mostly used by hackers to take down servers or websites. It has been a threat to big organizations and companies because today many organizations compete against other companies that are making more progress than their own. They hire hackers to take down their competitors. Competition is not the only motive; there are many other reasons why a hacker may take down servers or websites, such as rivalry, paid tasks, or just for fun.
A denial of service occurs when a targeted computer/server is flooded with malicious traffic until its resources are exhausted and the system goes offline. Distributed Denial of Service is very similar to Denial of Service; the difference is that in a DDoS, i.e. Distributed Denial of Service, the attack is amplified by enlisting other machines/servers to take down the target. Most large-scale attacks depend on botnets.
Common types of DDoS attacks used by hackers.
User Datagram Protocol (UDP) is a sessionless way of communicating over a network. UDP flooding is one of the most common types of attack and can be used in both DoS and DDoS attacks. Random ports on the target machine are flooded, which causes the machine to go down.
A “three-way handshake” describes how TCP connections work. The SYN-ACK communication works in three steps, which are as follows:
- Firstly, a “synchronize” message is sent to the target machine to start the conversation with the machine.
- Secondly, the connection is “acknowledged” by the host machine, i.e. the target machine. After this, it sends a “handshake” request and waits for the host machine to close the connection.
- Now, if the machine accepts the handshake request, it closes down the connection.
A SYN flood attack sends repeated spoofed requests to the machine from many sources, and instead of the machine going offline, it times out. Eventually, when a strong attack is sent, i.e. many sources are involved in it, the server has a higher chance of going offline.
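The following is an added detection example, not code from the original article: it counts half-open TCP connections per destination service, which is the signal a defender watches for during a SYN flood, since counting per source is useless when the sources are spoofed. The record format, the flag letters ("S" for the client SYN, "A" for the client's final ACK, "R" for a reset), the threshold and the timeout are assumptions, and the packets are constructed sample data using documentation address ranges.

```python
from collections import defaultdict

# Constructed sample: (time_s, src_ip, src_port, dst_ip, dst_port, flag)
def build_sample():
    pkts = [
        (0.00, "198.51.100.7", 40000, "192.0.2.10", 443, "S"),
        (0.05, "198.51.100.7", 40000, "192.0.2.10", 443, "A"),  # completed
    ]
    # 30 SYNs from distinct sources that never send the final ACK
    for i in range(30):
        pkts.append((1.0 + i * 0.01, f"203.0.113.{i + 1}", 50000 + i,
                     "192.0.2.10", 443, "S"))
    pkts.append((2.0, "198.51.100.8", 41000, "192.0.2.10", 80, "S"))
    pkts.append((2.1, "198.51.100.8", 41000, "192.0.2.10", 80, "A"))
    return pkts

def half_open_by_service(packets, now, timeout=3.0):
    """Count SYNs without a final ACK that have not yet timed out at `now`."""
    pending = {}  # (src, sport, dst, dport) -> time the SYN was seen
    for ts, src, sport, dst, dport, flag in sorted(packets):
        key = (src, sport, dst, dport)
        if flag == "S":
            pending[key] = ts
        elif flag in ("A", "R"):  # final ACK completes, RST aborts
            pending.pop(key, None)
    counts = defaultdict(int)
    for (_src, _sport, dst, dport), ts in pending.items():
        if now - ts <= timeout:  # older entries were already dropped
            counts[(dst, dport)] += 1
    return dict(counts)

def flooded_services(packets, now, threshold=20, timeout=3.0):
    """Return the (dst_ip, dst_port) pairs whose half-open backlog exceeds threshold."""
    counts = half_open_by_service(packets, now, timeout)
    return sorted(svc for svc, n in counts.items() if n > threshold)

if __name__ == "__main__":
    sample = build_sample()
    print(half_open_by_service(sample, now=2.5))
    print(flooded_services(sample, now=2.5))
```

Every source in the sample appears only once, so a per-source rate limit would not trigger, while the per-service backlog stands out clearly.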
Ping of Death
Ping of Death, also called “POD”, is a Denial of Service attack that manipulates IP by sending a packet larger than the minimum allowance under IPv6, which is 65535 bytes. Larger packets are divided across multiple IPs, but when they are reassembled they become a strong one; this is what we call a “fragment” attack, also known as “FRAG” in many booter services.
Note: POD isn’t effective nowadays because the firewalls installed in routers now block “ICMP” packets that come in a flood.
A reflection attack is where an attacker sends forged packets from many different sources. The target machine accepts them and replies to the attacking machine, but as we already mentioned, the attack is made up of many different sources, and when the target machine is overloaded by replying to the packets from the attacking machine, it closes down or goes offline.
Slowloris is one of the most powerful attacks and is very difficult to mitigate. Slowloris is a tool used by the attacker which uses fewer resources. During this attack, Slowloris opens a partial connection with the target and stays online for as long as possible. It also sends HTTP headers when the connection is established. This HTTP request is added to the connection. The session lasts until the server’s resources are exhausted and the system goes offline.
Application Based Attacks
Application-based attacks are attacks used by the attacker to target a specific application installed on the server. Rather than taking down the whole server, the attack exploits a vulnerability and takes down the application. The applications most often targeted by this attack are WordPress, MyBB, Joomla and other CMS and web forum applications.
We’ve written down all the basic types of DDoS attacks that occur nowadays. Write your reviews in the comment box!