DoS Attack (Denial of Service)
Denial of Service or DoS attack is a type of network attack designed to flood the target network or machine with a large amount of useless traffic so as to overload it and eventually bring it down to its knees. The main intention behind DoS attack is to make the services running on the target machine temporarily unavailable to its intended users. DoS attacks are usually carried out on web servers that host vital services such as banking, e-commerce or credit card processing.
A common variant of DOS attack known as Distributed Denial of Service (DDoS) attack has become quite popular in the recent days as it is more powerful and hard to detect. A typical DoS attack has a single place of origin while a DDoS attack originates from multiple IP addresses distributed across two or more different network.
Diagram of DDoS :
Unlike a DoS attack where the attacker uses one single computer or a network to attack the target, a DDoS the attack originates from different pre-compromised computers belonging to different networks. As the attacker uses a number of computer systems from different networks each residing in different geographical locations, the incoming traffic looks natural and therefore becomes hard to detect.
Some Methods are Involved in DoS Attack. The method are SYN Flood Attack, Ping Flood Attack,
Teardrop Attack, Peer-to-Peer Attacks.
Protection Against DoS/DDoS Attacks.
DoS attacks can easily be handled by blacklisting the target IP that are found to be making too many requests/connections to the server. However, DDoS attacks are complicated as the incoming requests seem more natural and distributed. In this case it is hard to find the difference between the genuine and malicious traffic. Taking an action at the firewall level to blacklist suspected IPs may result in false positives and therefore may affect the genuine traffic as well.
No comments:
Post a Comment