DDoS stands for “Distributed Denial of Service”. This is an attack directed at the server from a large number of computers. In this article, we will explain it in a more detailed way, what it is and how does it occur.
What is a DDoS attack?
The DDoS attack is also called a denial of service attack. Its main objective is to disable the use of a certain system or infrastructure so that it cannot provide the service for which it is intended. The attack can be directed to the computer network or the web server, for example.
All web servers have the capacity to respond to a certain number of connections at the same time. When this number is exceeded, its operation slows down, and can even be blocked and disconnected.
There are two types of techniques in these cyber-attacks.
1. DoS: In this case, the hackers make a massive number of requests to the webserver. Thus, they consume all their resources until a time comes when they are not able to respond to all of them and start rejecting them.
2. DDoS: In the DDoS attack, cyber attackers generate numerous requests from different computer equipment at the same time. Unlike what happens in the DoS attack, each request comes from a specific IP, so it is a much more complicated type of attack to detect.
The denial of service attack with greater relevance at the international level so far took place last year against a platform of projects in cooperation. The website stopped working for approximately 10 minutes. The reason? It received 1.35 terabits per second of information.
In any case, before a DDoS attack, the server does not return to its normal activity until it ends, which can occur for two reasons. On the one hand, computer security experts are able to stop the attack. And, on the other hand, that it is the cybercriminals themselves who decide to end it.
How does a DDoS attack occur?
Taking into account the basic principle of DDoS, carrying out such an attack is relatively simple. It would be enough for a large number of people to reload a certain website continuously. However, the tools used by cyber attackers are more complex.
Thus, they manage to create numerous connections at the same time. One of the latest techniques used is to send altered packets with false IPs, so it is impossible to find out who the attacker really is.
The use of botnets is also frequent. They are computer equipment networks infected by a Trojan, and that hackers can control remotely. Thus, users who saturate the server do not even know that they are doing it.
What are the types of DDoS attack?
1. Syn Flood: this is the type of DDoS attack that occurs most frequently. It is based on the principle of the TCP connection protocol, which requires a connection consisting of a total of three steps. However, if the final step is never taken, an open connection remains on the server for a certain period of time.
2. UDP Flood: using the UDP connection protocol, hackers send a massive amount of packets to the server, for which they use a large number of connections at the same time. Thus, the system crashes since it is not able to process such large amounts of information.
3. Connection Flood: Cyber-attacks express the difficulty of the webserver to respond to a large number of requests at the same time.
How to identify the DDoS attack?
Sometimes it is very difficult to know that an attack of this type is being suffered, even if the website is down. And it is that the server crash can be due to many other causes that have nothing to do with a DDoS attack.
It is important to pay special attention while the service is down. If the problem lasts several days instead of a given peak of time, the possibility of a denial of service attack must be assessed.
One of the parameters to analyze is if the same IP is consulting the same data before the Life Time has reached its end. If so, it could be a clear indication of a DDoS attack. However, in many cases, it is difficult to detect it since cyber attackers are responsible for generating traffic from a wide range of different sources.
If you are curious to know more about the DDoS attack, stay in touch, because, in the next article, VPNshazam will tell you how to combat the DDoS attack in the smartest way.