What is a DDoS attack and what can we do to prevent it
What is DDoS?
DDoS is a kind of online attack on a web server that aims to render the server non-operational or to make it serve the attacker's purposes.
But let’s take things from the beginning.
What exactly does DDoS mean?
DDoS is the abbreviation for Distributed Denial of Service.
How does a DDoS attack work?
In a DDoS attack the victim system is flooded with a high volume of traffic from thousands of different sources. It cannot cope, both because of the many attack points and because the victim server's resources (RAM, CPU) are depleted for as long as the attack lasts.
I’ve heard/read that there is also a DoS attack. Is it the same?
Essentially it is the same, but the main difference is that in a DoS attack a single attacking system targets a victim system, while in a DDoS attack many attacking systems target a single victim system.
Are there many types of DDoS attacks?
There are 4 types of DDoS attacks that form the foundation for several combinations and variations.
- SYN Flood: Numerous TCP connection requests (SYN packets, the first packet of the three-way handshake) are sent to a machine at such a rate that the server cannot cope with processing them all. Often these packets carry spoofed, randomly generated source IP addresses. The server responds to each SYN request with a SYN-ACK to try to establish a valid connection, then waits a certain time for the confirmation (ACK), but the confirmation never comes. The server's connection table fills up, new connections are dropped, and legitimate users and clients are effectively cut off from the server.
- Connection Flood: An attack that creates a vast number of empty connections on the target server. Only the packets of the three-way handshake (SYN, SYN-ACK, ACK) are sent, without any data transfer, and the server waits, within the TCP keepalive parameters if set, for data that never arrives. As the name implies, the goal is to create a large number of real connections from real IPs, devouring the connection backlog capacity of the target server.
- UDP Flood: It mainly aims at depleting bandwidth. A great number of large packets (up to 35 Kb) are sent to a specific server via UDP (User Datagram Protocol), often from spoofed source IP addresses. To intensify the abuse of bandwidth, packets are sometimes sent to random server ports, which increases the rate of ICMP replies: the victim server checks for an application listening on the corresponding port, finds none, and usually responds with an ICMP Destination Unreachable packet. The connection's available bandwidth is reduced, making the server inaccessible to real users and clients.
- HTTP Flood: It aims to bring down a machine through mass requests to one or multiple URLs in the same domain, causing server overload and therefore the depletion of hardware resources. HTTP attacks sometimes lead to physical destruction of the server hardware, because of its inability to handle the CPU and RAM overload. Instead of going after static content, attackers prefer to target dynamic content to increase the load on the hardware. Because the server is busy with the piled-up requests, the "good" traffic generated by legitimate users and clients is disrupted or slowed down.
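On the defending server, the SYN Flood and Connection Flood patterns described above show up as TCP socket states: a pile of half-open (SYN_RECV) entries in the first case, a pile of ESTABLISHED entries in the second. The following is an added example, not part of the original article, that counts both per source from a Linux `/proc/net/tcp` snapshot; the sample table, the documentation-range addresses and the alert limits are constructed assumptions, and a little-endian host is assumed.

```python
import socket
import struct
from collections import Counter

# Linux /proc/net/tcp state codes: 01 = ESTABLISHED, 03 = SYN_RECV (half-open)
ESTABLISHED, SYN_RECV = "01", "03"

# Constructed sample in /proc/net/tcp layout (trailing columns omitted).
# Addresses are documentation ranges; the server is 192.0.2.10.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue
   0: 0A0200C0:0050 00000000:0000 0A 00000000:00000000
   1: 0A0200C0:0050 016433C6:C001 03 00000000:00000000
   2: 0A0200C0:0050 026433C6:C002 03 00000000:00000000
   3: 0A0200C0:0050 036433C6:C003 03 00000000:00000000
   4: 0A0200C0:0050 057100CB:D001 01 00000000:00000000
   5: 0A0200C0:0016 057100CB:D002 01 00000000:00000000
"""

def parse_addr(hex_addr):
    """Decode 'HHHHHHHH:PPPP' (IPv4 as printed on a little-endian host)."""
    ip_hex, port_hex = hex_addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def summarize(table, port):
    """Per-source counts of half-open and established sockets on one port."""
    half_open, established = Counter(), Counter()
    for line in table.strip().splitlines()[1:]:  # skip the header row
        _, local, remote, state = line.split()[:4]
        if parse_addr(local)[1] != port:
            continue
        src = parse_addr(remote)[0]
        if state == SYN_RECV:
            half_open[src] += 1
        elif state == ESTABLISHED:
            established[src] += 1
    return half_open, established

def verdict(half_open, established, syn_limit=3, conn_limit=100):
    """Limits are illustrative assumptions; set them from the server's baseline."""
    if sum(half_open.values()) >= syn_limit:
        return "possible SYN flood"
    if sum(established.values()) >= conn_limit:
        return "possible connection flood"
    return "normal"

if __name__ == "__main__":
    print(verdict(*summarize(SAMPLE, 80)))
```

A raw count is only a heuristic: a busy server legitimately holds many established connections, so the limits have to come from that server's normal traffic.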
What can we do to prevent it?
Can I fight it?
There is absolutely no way to fight DDoS attacks without high-bandwidth, stable and secure internet channels, specialized software solutions and distributed hardware equipment (hardware protection).
From an economic perspective, it is more viable to use the services of a company whose core competence is the development and supply of DDoS protection.
Usually this will cost you a substantial portion of your income.
At vision4reality we take this into account, and we have designed our plans to be cost-effective but still very powerful.
We have the technology and infrastructure to keep your site online, even under the most severe DDoS attacks. There is absolutely no need to invest in additional software or hardware. The protection is activated in minutes – immediately after your order, and you will be able to forget the DDoS threat forever.
Your business can be protected at a low cost against all types of DDoS attacks.
Guaranteed: We are confident in the strength and effectiveness of our services and offer a money back guarantee 100% within 30 days!