What is a Distributed Denial-of-Service (DDoS) attack?


In a Distributed Denial-of-Service (DDoS) attack, a hacker tries to flood the targeted machine with requests until all the resources are used up and the service becomes unavailable. The attack is made more effective when multiple compromised computer systems carry out the attacks.

Before a DDoS attack can be carried out, the hacker needs to gain access to multiple computers. This can be achieved by installing malware on the victim’s computer. This malware turns each machine into a bot, which gives the hacker control over the botnet, that is, all the infected computers. The hacker can then direct the bots to carry out targeted attacks on a machine.

Types of DDoS attacks

  1. Volumetric attacks consume available bandwidth and other resources of the victim, such as with a SYN flood. This attack makes the system unable to handle additional requests, which makes it reject authentic requests.
  2. Protocol attacks target the transport layer by making use of flawed requests to consume resources.
  3. Application layer attacks cause DoS by requesting multiple resources at once.

Many attacks have occurred over the years, like:

  • HTTP flood: The botnet makes a large number of HTTP requests to one or multiple websites. The machine is unable to handle such massive attacks, so it crashes.
  • SYN-flood: Multiple SYN packets are directed towards the machine. It exploits the TCP handshake and sends a large number of packets to initiate the connection. The server keeps waiting until timeout. A time comes when the server has no more resources to attend to new requests, so it crashes.

Prevention

  1. Use anti-DDoS software to help distinguish between legitimate traffic and bogus traffic.

  2. Disperse traffic amongst servers to help make attacks ineffective. More capacity requires the hacker to have more resources, so the chances of a DoS attack are reduced.

  3. Configure firewalls and routers to filter out unwanted traffic.

  4. In case of excessive traffic, make use of black hole routing, which redirects traffic to a null route and prevents the targeted machine from being overwhelmed and the services from crashing.

  5. The server can make use of rate limitation to limit the number of requests that it receives within a given time. This prevents the server from crashing.

Copyright ©2024 Educative, Inc. All rights reserved