Comodo

DDoS Attack

December 14, 2017

Have you heard of the Ping of Death, SYN Flood, UDP Flood, Peer-to-Peer Attacks, Nuke, Reflected Attack, or other attacks that fall in the category "DDoS"?

What is DDoS?

DDoS is an attack method used to deny access for legitimate users of an online service. This service could be a bank or e-commerce website, a SaaS application, or any other type of network service. Some attacks even target VoIP infrastructure.

An attacker uses a number of computing resources, either ones they built themselves or vulnerable PCs around the world that they have compromised, to send bogus traffic to a site. If the attacker sends enough traffic, legitimate users of the site can't get access.

Here's an Analogy:

If a bank website can handle 10 people a second clicking the Login button, an attacker only has to send 10 fake requests per second to make it so no legitimate users can log in. There are many reasons someone might want to shut a site down: extortion, activism, competitive brand damage, and just plain old boredom.

Types of DDoS Attacks:

Volumetric Attacks (connectionless) - Typically carried out using botnets, these aim to cause congestion by sending so much traffic that the bandwidth of the website is overwhelmed. Also known as "floods".

State-Exhaustion Attacks - These target connection state tables in firewalls, web application servers, and other infrastructure components. This is carried out by causing a buffer overload, after which the target tries to respond to pings, consuming more bandwidth and causing the targeted system to crash.

Application Layer Attacks (connection-based) - These target weaknesses in an application or server. They aim to establish a connection with the application or server and monopolize processes and transactions in order to exhaust it. Also called Layer 7 attacks.

A DDoS attack can be prevented with the following solutions:

  • Early identification of a DDoS attack helps. For this, keep an eye on inbound traffic and check for sharp traffic spikes.
  • Having more bandwidth than necessary may also help, as it absorbs unexpected traffic surges and gives you time to plan in case an attack happens.
  • Know the technical things to be done if you run your own web server. These may include doing things like adding filters that help your router drop packets that might be part of such attacks, rate limiting your router, setting lower SYN, ICMP, and UDP flood drop thresholds etc.
  • Calling the ISP/Hosting provider whenever there is a DDoS attack helps manage it.
  • Seeking the services of a DDoS specialist is also important.
  • Having all necessary security software installed is very important.
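
The first item in the list, watching inbound traffic for sharp spikes, can be automated. The Python sketch below is an added example, not part of the original article: it flags per-second request counts that jump far above an exponentially weighted moving average (EWMA) baseline. The function name, the threshold values and the sample counts are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Spike:
    second: int      # index of the sample in the series
    count: int       # observed requests in that second
    baseline: float  # EWMA baseline at the time of the alert


def detect_spikes(counts, alpha=0.2, factor=3.0, min_count=50, warmup=5):
    """Return Spike records for samples exceeding factor x EWMA baseline.

    alpha     : smoothing weight for the baseline (assumed value)
    factor    : how many times the baseline counts as a "sharp spike"
    min_count : absolute floor so quiet sites do not alert on 2 -> 8 req/s
    warmup    : samples used to seed the baseline before alerting
    """
    spikes = []
    baseline = None
    for i, c in enumerate(counts):
        if baseline is None:
            baseline = float(c)  # seed the baseline with the first sample
            continue
        if i >= warmup and c >= min_count and c > factor * baseline:
            spikes.append(Spike(i, c, round(baseline, 2)))
            # Do not fold flagged traffic into the baseline, otherwise a
            # sustained flood would quickly look "normal".
            continue
        baseline = alpha * c + (1 - alpha) * baseline
    return spikes


# Constructed sample: requests per second seen at the network edge.
SAMPLE = [40, 42, 38, 41, 45, 43, 39, 44, 400, 950, 1200, 1100, 47, 41]

if __name__ == "__main__":
    for s in detect_spikes(SAMPLE):
        print(f"t={s.second}s count={s.count} baseline={s.baseline}")
```

Because flagged samples are excluded from the baseline, a long-running flood keeps alerting until traffic returns to normal; a gradual, legitimate ramp in traffic raises the baseline and does not alert.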

A trusted and reliable cloud-based website security provider is the logical choice for enterprises for their DDoS protection needs. Such providers are the most cost-effective and scalable solution to keep up with the rapid advances in DDoS attacker tools and techniques. https://cwatch.comodo.com/
