DDoS Attack
- Distributed denial of service (DDoS) attacks are a subclass of denial of service (DoS) attacks. A DDoS attack involves multiple connected online devices, collectively known as a botnet, which are used to overwhelm a target website with fake traffic.
- A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
- From a high level, a DDoS attack is like a traffic jam clogging up the highway, preventing regular traffic from arriving at its desired destination.
Difference Between DoS and DDoS Attack?
In a DoS attack, a perpetrator uses a single Internet connection to either exploit a software vulnerability or flood a target with fake requests—usually in an attempt to exhaust server resources (e.g., RAM and CPU).
On the other hand, distributed denial of service (DDoS) attacks are launched from multiple connected devices that are distributed across the Internet. Unlike single-source DoS attacks, these multi-person, multi-device barrages are generally harder to deflect, mostly due to the sheer volume of devices involved.
DDoS attacks also differ in the manner of their execution. Broadly speaking, DoS attacks are launched using homebrewed scripts or DoS tools (e.g., Low Orbit Ion Cannon), while DDoS attacks are launched from botnets, large clusters of connected devices (e.g., cell phones, PCs or routers) infected with malware that allows remote control by an attacker.
How does a DDoS attack work?
A DDoS attack requires an attacker to gain control of a network of online machines in order to carry out an attack. Computers and other machines (such as IoT devices) are infected with malware, turning each one into a bot (or zombie). The attacker then has remote control over the group of bots, which is called a botnet.
Once a botnet has been established, the attacker is able to direct the machines by sending updated instructions to each bot via a method of remote control. When the IP address of a victim is targeted by the botnet, each bot will respond by sending requests to the target, potentially causing the targeted server or network to overflow capacity, resulting in a denial-of-service to normal traffic. Because each bot is a legitimate Internet device, separating the attack traffic from normal traffic can be difficult.
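The difficulty described above can be seen from the defender's side in a small detection sketch. This is an added example, not code from the original post: it buckets request events per time window and checks whether blocking the sources that exceed a per-source limit would bring load back under capacity. The thresholds, function names and sample traffic are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

WINDOW = 10         # seconds per bucket (assumed)
PER_IP_LIMIT = 20   # requests one source may send per window (assumed)
CAPACITY = 100      # requests the service can absorb per window (assumed)

def classify(events):
    """events: iterable of (unix_seconds, source_ip).
    Returns {window_start: (verdict, sources_to_block, distinct_sources)}."""
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts - ts % WINDOW][ip] += 1
    result = {}
    for start, per_ip in sorted(buckets.items()):
        total = sum(per_ip.values())
        noisy = sorted(ip for ip, n in per_ip.items() if n > PER_IP_LIMIT)
        # Load that would remain after blocking every over-limit source
        residual = total - sum(per_ip[ip] for ip in noisy)
        if residual > CAPACITY:
            # Per-source blocking is not enough: many quiet sources add up
            verdict = "distributed flood"
        elif noisy:
            verdict = "single-source flood"
        else:
            verdict = "normal"
        result[start] = (verdict, noisy, len(per_ip))
    return result

def sample_events():
    """Constructed traffic, not real logs: three 10-second windows."""
    events = []
    for start in (0, 10, 20):
        # Baseline: 30 clients sending 2 requests each in every window
        events += [(start + i % WINDOW, f"192.0.2.{i}")
                   for i in range(30) for _ in range(2)]
    # Window 10: one source sends 300 requests (DoS pattern)
    events += [(10 + i % WINDOW, "198.51.100.7") for i in range(300)]
    # Window 20: 400 sources send 3 requests each (DDoS pattern)
    events += [(20 + i % WINDOW, f"2001:db8::{i:x}")
               for i in range(400) for _ in range(3)]
    return events

if __name__ == "__main__":
    for start, (verdict, block, sources) in classify(sample_events()).items():
        print(f"t={start:>2}s sources={sources:>3} verdict={verdict} block={block}")
```

In the third window no single source crosses the per-source limit, so a per-IP rate limit alone yields nothing to block; only the aggregate load and the jump in distinct sources reveal the flood.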
What are common types of DDoS attacks?
Different DDoS attack vectors target varying components of a network connection. In order to understand how different DDoS attacks work, it is necessary to know how a network connection is made. A network connection on the Internet is composed of many different components or “layers”. Like building a house from the ground up, each step in the model has a different purpose. The OSI model, shown below, is a conceptual framework used to describe network connectivity in 7 distinct layers.
There are 3 Types of Attacks -
1. Application Layer attack
2. Protocol Attack
3. Volumetric Attack
Tools Used in DoS/DDoS Attacks -
1. Slowloris
2. LOIC ( Low Orbit Ion Cannon )
3. GoldenEye
4. HOIC ( High Orbit Ion Cannon )
5. XOIC
6. RUDY ( R U Dead Yet ? )
7. TOR's Hammer
8. THC-SSL-DoS
9. Pyloris
10. HULK ( Http Unbreakable Load King )
Android Tools -
1. AnDOSid
2. LOIC