WHAT IS DDOS?
A Denial of Service (DoS) attack or Distributed Denial of Service (DDoS) attack aims to render a computer resource unavailable or to cripple user access to it. There are different techniques and means to launch such attacks, and both motives and targets vary. DDoS attacks usually represent organized attempts to make a web site or service stop functioning, or to cause sufficient downtime, for a limited time or permanently. There is no specific kind of target for DDoS: it can be anything from financial and banking institutions to online gaming companies.
Types of DDoS attacks:
SYN Flood: Numerous TCP connection requests are sent to a machine at such a rate that it cannot process them all. Often, these packets are sent with randomly generated, spoofed source IP addresses. The server responds to each SYN request by sending a SYN-ACK to establish a valid connection, then waits some time for a confirmation that never arrives. The server's connection table fills up, and once it is full, all new connections are dropped and legitimate users are effectively cut off from accessing the server.
HTTP Flood: Aims to bring down a machine by requesting a single URL or multiple URLs within a domain en masse, overloading the web server and depleting its hardware resources. HTTP Flood attacks sometimes lead to physical destruction of server hardware, due to its inability to cope with the overload on CPU and RAM. Rather than going after static content, attackers tend to target dynamic content in order to amplify hardware load. As the server gets busy with the attack requests, it cuts off or considerably slows down good traffic generated by legitimate users.
Connection Flood: An attack that creates a vast number of empty connections to the targeted server. Only the packets establishing the three-way handshake are sent, with no data transfer; the server then waits, within its keep-alive TCP parameters if any are set at all, for data that never comes through. As the name suggests, the aim is to create a large number of real connections, coming from real IPs, eating into the backlog connection capacity of targeted web servers.
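An added example, not part of the original page: a defender-side check that tells the SYN Flood and Connection Flood patterns described above apart by looking at socket states on the server. The record layout, the sample data and the thresholds (backlog, half_open_ratio, idle_limit) are assumptions made for this example.

```python
from collections import Counter

def build_sample():
    # Constructed data: "STATE PEER_IP:PORT BYTES_RECEIVED", one line per socket.
    # This layout is an assumption for the example, not any tool's real output.
    # 40 half-open sockets, each from a different source address
    lines = [f"SYN-RECV 198.51.100.{i}:{40000 + i} 0" for i in range(1, 41)]
    # 30 completed handshakes from 3 sources that never sent any data
    lines += [f"ESTAB 203.0.113.{1 + i % 3}:{50000 + i} 0" for i in range(30)]
    # 5 ordinary clients that sent a request
    lines += [f"ESTAB 192.0.2.{i}:{60000 + i} 512" for i in range(1, 6)]
    return lines

def parse(line):
    state, peer, rx = line.split()
    ip, _, _port = peer.rpartition(":")
    return state, ip, int(rx)

def classify(lines, backlog=64, half_open_ratio=0.5, idle_limit=20):
    """Thresholds are illustrative assumptions; tune them to the server."""
    half_open = 0
    idle_by_ip = Counter()
    for line in lines:
        state, ip, rx = parse(line)
        if state == "SYN-RECV":
            # SYN-ACK sent, final ACK never arrived: occupies the connection table
            half_open += 1
        elif state == "ESTAB" and rx == 0:
            # Handshake completed but no data followed: an empty connection
            idle_by_ip[ip] += 1
    idle_total = sum(idle_by_ip.values())
    return {
        "half_open": half_open,
        "syn_flood": half_open >= backlog * half_open_ratio,
        "idle_established": idle_total,
        "connection_flood": idle_total >= idle_limit,
        "top_idle_sources": idle_by_ip.most_common(3),
    }

if __name__ == "__main__":
    for key, value in classify(build_sample()).items():
        print(f"{key}: {value}")
```

Because a Connection Flood completes the handshake from real addresses, the per-source idle counts are usable for rate limiting, while the spoofed sources of a SYN Flood are not.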