DDOS stands for Distributed Denial of Service Attack, and it is a type of cyber attack. Cybercriminals use it to deny access to websites or other online services.
A DDOS attack involves sending large amounts of traffic to the target website. Therefore, it causes an overload on the server and cannot handle all the users’ requests.
Online scammers have discovered several methods to take down targets with DDoS.
There are different types of DDoS attacks; however, they have fallen into three categories.
We have discussed them all in this article. Read on!
Types of DDoS
Volume-Based Attacks
These are one of the most common types of DDoS attacks. In this kind of attack, hackers send massive amounts of data to your website.
The volume of data can be as high as 1 gigabyte per second, making your website unavailable for everyone.
Moreover, volume-based attacks are usually launched by botnets. Botnets are groups of computers that an attacker controls.
These bots work together to launch attacks on various sites. However, malware like viruses and worms often infect them.
Protocol Attacks
In protocol attacks, attackers use protocols that don’t handle huge volumes of data. For example, they may use HTTP, SMTP, or DNS (Domain Name System).
So, when these protocols are overwhelmed, it results in denial of service.
Application Layer Attacks
The application-layer attack is another popular type of DDoS attack. Hackers use applications that are not capable of handling large volumes of data.
For instance, they may use FTP, Telnet, POP3, or IMAP4 (Internet Message Access Protocol 4).
People also refer to application-layer attacks as application-based attacks.
Commonly Used DDoS Attacks
Ping Flood Attack
A ping flood attack is a type of DoS attack. It sends ICMP (Internet Control Message Protocol) packets to a host. These packets contain a lot of data and cause the host to crash.
Ping floods are very easy to carry out because you do not need special software. You need to open up your browser and start pinging random IP addresses.
UDP Flood
Another type of UDP flood is called UDP amplification. This is similar to the ping flood attack. However, instead of using ICMP packets, it uses UDP packets.
Since UDP does not require a response from the receiver, it allows more data to be sent than what would typically fit into an ICMP packet.
SYN Flood
SYN flood attacks are among the most types of common protocol attacks. They get around the three-way handshake needed to set up a TCP connection between a client and a server.
Usually, the client sends the server an initial synchronize (SYN) request. The server responds with an acknowledging (SYN-ACK) response. Then, the client finishes the handshake with an ACK.
In the end, the server keeps opening a lot of half-open connections. Then, it eventually uses up too many resources and causes the server to crash.
HTTP Flood
HTTP Flood attacks are under the application-layer category, and they work by sending a lot of GET requests to a web server.
The problem with this attack is that it consumes a lot of bandwidth. Also, the server has to process each request individually.
So, if there are hundreds of thousands of requests, it will take a long time before the server gets back to all of them.
Slowloris
Slowloris is another type of DDoS attack that lets one web server shut down another server. It keeps as many connections to the target web server open for as long as possible.
Slowloris always sends more HTTP headers, but it never finishes a request. Each of these fake connections stays open on the attacked server.
Therefore, it fills up the maximum number of connections that are only useful once. So, legitimate clients can’t get more connections.
Ping of Death
The attacker sends repeated faulty or malicious pings to a computer in a ping-of-death attack. An IP packet can have a maximum length of 65,535 bytes.
However, the Data Link Layer typically limits the maximum frame size.
A huge IP packet is into many IP packets. Then, the destination host reassembles the fragments into the full packet.
So, the recipient receives an IP packet bigger than 65,535 bytes due to malicious fragment content alteration.
This can cause genuine packets to be denied service due to overflowing memory buffers allocated for the packet.
How to Prevent DDoS Attacks?
There are several ways to prevent DDoS attacks. One way is to protect your web servers against such attacks.
Another way is to use a firewall. Firewalls help protect your network from unauthorized access. If someone tries to hack your system, he/she will have to go through the firewall first.
If you want to increase security, you should consider installing intrusion detection systems.
An IDS helps detect suspicious activity on your network. It alerts you when someone attempts to break into your system.
