In a Distributed Denial of Service (DDoS) attack, a website or other online service is overloaded with traffic from multiple sources, which makes it unavailable.
While a Denial of Service (DoS) attack uses one computer and one Internet connection, a DDoS attack uses many computers and many Internet connections, often distributed globally, to flood a target resource with packets. This group of machines is termed a botnet.
A large-scale volumetric DDoS attack can generate traffic measured in tens of Gigabits (and even hundreds of Gigabits) per second, which a normal network will not be able to handle.
Botnets are networks of hacked machines built by attackers, who spread malicious code through emails, websites and social media. Once infected, these computers can be remotely controlled without the knowledge of the owner and used as an army to launch the attack.
A DDoS flood can be generated in multiple ways. For example −
These machines are used to generate more traffic than the target can handle, resulting in complete blockage of the service.
DDoS attacks can be broadly classified into three categories −
Volume-based attacks include TCP floods, UDP floods, ICMP floods, and other spoofed-packet floods. These are also called Layer 3 & 4 Attacks. The attacker saturates the bandwidth of the target site. The magnitude of the attack is measured in terms of Bits per Second (bps).
Protocol attacks include SYN floods, Ping of Death, fragmented packet attacks, Smurf DDoS, etc. This type of attack consumes actual server resources and other resources like firewalls and load balancers. The magnitude of the attack is measured in terms of Packets per Second.
Application Layer Attacks include Slowloris, Zero-day DDoS attacks, DDoS attacks that target Apache, Windows or OpenBSD vulnerabilities and more. Here the goal is to crash the web server. The magnitude of the attack is measured in terms of Requests per Second.
Many DDoS protection options are available, and the option is selected depending on the type of DDoS attack.
To start with DDoS protection, close the possible vulnerabilities at the OS and application level by closing ports, removing unnecessary access from the system and hiding the server behind a CDN.
Many solutions help in filtering DDoS traffic if the magnitude of the attack is low. But if the magnitude is high, say in gigabits, then a DDoS protection service provider needs to help out, which offers a proactive and genuine approach.
There are a number of DDoS protection service providers. Be careful in approaching and selecting a service provider, as they offer enormous services at huge costs.
A simple and working solution is to find a DNS service provider and configure A and CNAME records for the website. Then find a CDN provider that can handle large volumes of DDoS traffic and also provides DDoS protection as part of the CDN package.
Assume your server IP address is AAA.BBB.CCC.DDD. Then the DNS configuration to be done is as follows:
The system administrator can help in understanding and configuring the DNS and CDN correctly. Follow the DNS configuration.
All DDoS attacks are then handled by the CDN, keeping the system safe. But under no circumstances should the IP address of the system, or the A record, be disclosed, because traffic sent directly to that address bypasses the CDN.
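One way to audit your own zone for records that disclose the origin address, as warned above. This is an added example, not code from the original page; the zone contents, the 203.0.113.10 origin address (standing in for AAA.BBB.CCC.DDD), the CDN hostname and the function names are all constructed for illustration.

```python
import ipaddress
import re

# Constructed sample zone, not taken from the page. 203.0.113.10 stands in for
# the origin server (the page's AAA.BBB.CCC.DDD); 198.51.100.7 and
# site.cdn.example.net are hypothetical CDN edge values.
ORIGIN_IP = "203.0.113.10"
SAMPLE_ZONE = """\
www.example.com.     300 IN CNAME site.cdn.example.net.
example.com.         300 IN A     198.51.100.7
direct.example.com.  300 IN A     203.0.113.10
mail.example.com.    300 IN A     203.0.113.10
example.com.         300 IN MX    10 mail.example.com.
example.com.         300 IN TXT   "v=spf1 ip4:203.0.113.0/24 -all"
"""

def parse_zone(text):
    """Parse 'name ttl IN type rdata' lines into (name, type, rdata) tuples."""
    records = []
    for line in text.splitlines():
        parts = line.split(None, 4)
        if len(parts) == 5 and parts[2].upper() == "IN":
            records.append((parts[0].lower(), parts[3].upper(), parts[4].strip()))
    return records

def find_origin_leaks(zone_text, origin_ip):
    """Return (name, type, reason) for every record that reveals the origin."""
    origin = ipaddress.ip_address(origin_ip)
    records = parse_zone(zone_text)
    leaks, direct = [], set()
    for name, rtype, rdata in records:
        if rtype == "A" and ipaddress.ip_address(rdata) == origin:
            direct.add(name)
            leaks.append((name, rtype, "A record is the origin address"))
        elif rtype == "TXT" and "v=spf1" in rdata:
            # SPF ip4: mechanisms publish sending ranges in plain text.
            for net in re.findall(r"ip4:([0-9./]+)", rdata):
                if origin in ipaddress.ip_network(net, strict=False):
                    leaks.append((name, rtype, f"SPF ip4:{net} covers the origin"))
    for name, rtype, rdata in records:
        # MX and CNAME targets leak indirectly if they resolve to the origin.
        target = rdata.split()[-1].lower()
        if rtype in ("MX", "CNAME") and target in direct:
            leaks.append((name, rtype, f"target {target} resolves to the origin"))
    return leaks

if __name__ == "__main__":
    for name, rtype, reason in find_origin_leaks(SAMPLE_ZONE, ORIGIN_IP):
        print(f"{name:22} {rtype:5} {reason}")
```

Records that only point at the CDN produce no findings; any A, MX, CNAME or SPF entry that resolves to or covers the origin is reported so it can be moved to separate infrastructure or removed.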
DDoS attacks have become quite common and there is no specific quick fix for them. However, if the system comes under a DDoS attack, look into the matter and resolve it.
All rights reserved © 2020 Wisdom IT Services India Pvt. Ltd