Today I want to talk with you about DDoS attacks and what they are. Many people have no idea how they work or what effects they can have on your website or the hosting service you are using. These attacks are malicious and are aimed at preventing people from visiting your website. They act like a traffic jam: visitors cannot reach your site because the network is overwhelmed with a flood of internet traffic. The person attacking your network is using a group of exploited machines and other networked devices such as IoT devices.
So How Does All This Work?
Good question. When a person wants to start a DDoS attack on a network, he or she needs a network of online machines to carry it out. They have to find a group of computers or IoT devices that they can infect with malware, which turns the devices into zombies that can only be controlled by them. Once the malware is installed, these machines are no longer the computers they were before. Each one has become a bot, and the person now has complete control over these devices and has constructed a botnet.
Keep in mind that each computer in the botnet has a separate IP address and is independent of the others. The person who controls the bots can now send a set of instructions to the devices. When the person sends an IP address to the bots, each bot responds to the commands it was issued and starts sending requests to the targeted network.
The flood of requests from all the bots in the botnet causes the network to immediately exceed its capacity. This, in turn, causes a denial of service (the "DoS" in DDoS) for the normal traffic that is trying to use the network. When this happens, the network administrator has a very difficult time telling which IP addresses are associated with the attack and which belong to legitimate traffic coming to the network.
What Are The Different DDoS Attacks?
The Application Layer Attack: Many people call this a layer 7 DDoS attack. The 7th layer in a network is the human-computer interaction layer. This is where people access the network services. This DDoS attack is designed to attack the layer where the web pages are generated. It is one of the hardest attacks for a network to defend itself against, because networks have a hard time flagging the traffic as malicious.
HTTP Flood: This type of attack can range from a simple attack all the way up to a complex one. The best way to understand it is to think of it as a refreshing attack. The attack refreshes the web page over and over again. When a large number of computers refresh the same page over and over again, the result is a denial of service.
Protocol Attacks: These types of attacks target resources like firewalls and load balancers. The attacks target the 3rd and 4th layers of the network. The 3rd layer determines which physical path the data will take, and the 4th layer transmits the data using the TCP and UDP protocols. In this attack, the bots exploit the TCP handshake by sending a massive number of TCP connection requests to the network. The network responds to each request and waits for the final step of the handshake to be executed. When this doesn't occur, the network resources are exhausted and the denial-of-service attack is underway.
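The unfinished handshakes described under Protocol Attacks appear on a Linux server as sockets in the SYN-RECV state. As an added example that is not part of the original post, this Python code counts them per local port and flags ports where half-open connections pile up; the sample lines are constructed in the column layout of `ss -tan`, and the threshold of 3 is an illustrative assumption, not a recommended value.

```python
from collections import defaultdict

# Constructed sample in the column layout of `ss -tan` (documentation-range IPs).
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN    0      128    0.0.0.0:443         0.0.0.0:*
ESTAB     0      0      203.0.113.10:443    192.0.2.44:40122
ESTAB     0      0      203.0.113.10:22     192.0.2.9:50211
SYN-RECV  0      0      203.0.113.10:443    198.51.100.7:51514
SYN-RECV  0      0      203.0.113.10:443    198.51.100.8:51515
SYN-RECV  0      0      203.0.113.10:443    198.51.100.9:1025
SYN-RECV  0      0      203.0.113.10:443    198.51.100.9:1026
"""

def split_addr(addr):
    """Split 'host:port' on the last colon so IPv6-style hosts also work."""
    host, _, port = addr.rpartition(":")
    return host, port

def half_open_by_port(text):
    """Return {local_port: {"half_open": n, "established": n, "peers": set}}."""
    stats = defaultdict(lambda: {"half_open": 0, "established": 0, "peers": set()})
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] not in ("SYN-RECV", "ESTAB"):
            continue  # skips the header, LISTEN sockets and malformed lines
        state, _, _, local, peer = fields
        port = split_addr(local)[1]
        if state == "SYN-RECV":  # server sent SYN-ACK, final ACK never arrived
            stats[port]["half_open"] += 1
            stats[port]["peers"].add(split_addr(peer)[0])
        else:
            stats[port]["established"] += 1
    return dict(stats)

def suspicious_ports(text, min_half_open=3):
    """Ports where half-open sockets reach the threshold and outnumber completed ones."""
    return sorted(
        port for port, s in half_open_by_port(text).items()
        if s["half_open"] >= min_half_open and s["half_open"] > s["established"]
    )

if __name__ == "__main__":
    stats = half_open_by_port(SAMPLE)
    for port in suspicious_ports(SAMPLE):
        s = stats[port]
        print(f"port {port}: {s['half_open']} half-open from {len(s['peers'])} sources")
```

On a live host the same functions can be fed the captured output of `ss -tan`; a useful threshold depends on the server's normal connection volume.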
I hope this has shed some light on DDoS attacks and how they work. If you have anything else to add to this information, that would be wonderful. I love to hear your thoughts about DDoS attacks. Thanks for reading.