DDoS Attacks – A Brief Overview
A DDoS attack is an attempt to make a website inaccessible by overwhelming it with unwanted traffic from many sources. These attacks normally target a wide assortment of vital resources, ranging from news channels to financial institutions to famous brands and sports websites.
How DDoS Attacks Are Done
DDoS attackers build networks of infected computers, known as botnets, by spreading malicious software through social media, websites and emails. The infected devices can be controlled remotely without their owners' knowledge. Attackers use these machines like an army to attack any targeted online service.
Botnets can produce a large flow of traffic to overwhelm a targeted website. There are various ways to generate such traffic floods, such as having the machines send the targeted service large amounts of random data to consume its bandwidth, or sending more connection requests than a server can accommodate. Some DDoS attacks are severe enough to max out a country's international cable capacity.
DDoS attacks generally fall into several types, each launched from multiple sources. These include:
Fragmentation Attacks
Fragmentation attacks send a flood of TCP or UDP fragments to the targeted network/service to overwhelm its ability to reassemble the streams. They can also severely reduce the overall performance of an online service.
TCP Connection Attacks
TCP connection attacks attempt to use up all the available connections to infrastructure devices such as firewalls, application servers, and load balancers. They can also hit devices that are able to maintain state on thousands of connections.
Application Attacks
Application attacks aim to overwhelm a particular element of an application. They can be very effective even when the attacking devices produce only a low rate of traffic, which makes the suspect traffic very difficult to detect and filter out.
Volumetric Attacks
The main objective of volumetric attacks is to consume bandwidth within the targeted network/service or between it and the rest of the internet. These attempts are simply meant to cause congestion.
Amplification of DDoS Attacks
DDoS (Distributed Denial of Service) attackers use two methods to multiply the traffic they send. The first is DNS Reflection, in which small requests are sent to a DNS server, asking it to send the victim network/service a big reply. This way the attacker gets each request from their botnet increased as much as 70 times in size, which makes it much simpler to overwhelm the victim.
The second is Chargen Reflection, which produces a steady stream of text. Chargen is an outdated testing service that most PCs and internet-connected printers on the network support. This service allows users to ask any device to reply with a stream of random characters. An attacker can use Chargen to amplify attacks in the same way as with DNS reflection.
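As an added example (not part of the original article), the following defender-side check shows how the operator of a DNS or Chargen service could spot that the server is being used as a reflector, by comparing the bytes each claimed client sends with the bytes sent back to it. The record layout, thresholds, addresses and function name are assumptions, and the sample flows are constructed.

```python
from collections import defaultdict

# UDP services named in the article that can be abused as reflectors.
REFLECTOR_PORTS = {53: "dns", 19: "chargen"}

# Constructed sample flows seen at a server we operate (documentation addresses):
# (src_ip, src_port, dst_ip, dst_port, udp_payload_bytes)
SERVER = "192.0.2.53"
SAMPLE_FLOWS = (
    [("198.51.100.7", 40001, SERVER, 53, 60),     # ordinary query
     (SERVER, 53, "198.51.100.7", 40001, 180)]    # ordinary answer
    # Small DNS queries claiming to come from one client, each answered with a big reply.
    + [("203.0.113.9", 53000 + i, SERVER, 53, 60) for i in range(20)]
    + [(SERVER, 53, "203.0.113.9", 53000 + i, 4200) for i in range(20)]
    # One-byte Chargen requests answered with streams of characters.
    + [("203.0.113.77", 51000 + i, SERVER, 19, 1) for i in range(30)]
    + [(SERVER, 19, "203.0.113.77", 51000 + i, 400) for i in range(30)]
)

def amplification_report(flows, server_ip, min_ratio=10.0, min_response_bytes=10_000):
    """Return clients whose replies are far larger than their requests."""
    requested = defaultdict(int)   # (service, client) -> bytes received from client
    answered = defaultdict(int)    # (service, client) -> bytes sent back to client
    for src, sport, dst, dport, size in flows:
        if dst == server_ip and dport in REFLECTOR_PORTS:
            requested[(REFLECTOR_PORTS[dport], src)] += size
        elif src == server_ip and sport in REFLECTOR_PORTS:
            answered[(REFLECTOR_PORTS[sport], dst)] += size
    findings = []
    for (service, client), out_bytes in answered.items():
        in_bytes = requested.get((service, client), 0)
        ratio = out_bytes / in_bytes if in_bytes else float("inf")
        # Both conditions must hold so that a single large but legitimate answer is ignored.
        if ratio >= min_ratio and out_bytes >= min_response_bytes:
            findings.append({"service": service, "client": client,
                             "request_bytes": in_bytes,
                             "response_bytes": out_bytes, "ratio": ratio})
    return sorted(findings, key=lambda f: f["response_bytes"], reverse=True)

if __name__ == "__main__":
    for f in amplification_report(SAMPLE_FLOWS, SERVER):
        print(f"{f['service']:8} {f['client']:14} x{f['ratio']:.0f} "
              f"({f['request_bytes']} B in, {f['response_bytes']} B out)")
```

Addresses flagged this way are more likely victims than real clients, so the usual response is to rate-limit or drop replies to them, and to disable Chargen where it is not needed.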
There are specialized online markets that buy and sell botnets and DDoS attacks. Anyone can use their offers to damage websites they do not want to see flourishing. Learn more at http://www.roninpbr.com/ddos-perspectives-a-network-operators-point-of-view/