What are DOS and DDOSAttack

Dos and DDOS are one the most popular and powerful attack which can cause loss of millions of dollar. Let’s understand the difference between Dos and DDos attack and What are the different types of Dos attacks are there.

What is DOS Attack?

Dos (Denial of Service) is a type of attack where the attacker floods the server in order to take it down. The goal of a Dos attack is to take down the server availability and make it unavailable to everyone. In simple words, the attacker flood target server with soo many requests until the server goes offline.

Why Server becomes unavailable because of a Dos attack?

Every computer system or server has some capacity which it can handle. For example, a server has RAM, CPU and other components that works to keep it working. When you send a request to the server, the server takes action to that request and reply back within some time based on its capacity.

but if you send multiple requests to the server at the one-time server will reply to the request one by one and it will take time for the server to reply to every request, because the server has limited capacity. Suppose the victim server can reply to 3 people at one time and 6 people send a request to it. Now the server will reply slowly because the number of requests is greater than it can handle.

At the same time if the number request increase then the server will not be able to reply to anyone and will be exhausted, Now the server will go offline because of too many requests. That’s how all things work.

DOS vs DDOS

DOS – DOS or Denial of Service is a type of attack where the attacker floods the server with single a system. in Dos attack Number of requests to the server is less.

DDOS – In Distributed Denial Of Service multiple systems do dos attack at one time to the one target. In simple terms, multiple systems target one system. A DDOS attack is more successful and has much better chances to take the server offline. DDOS is mostly done by a bot and C2 server.

The attacker creates any malware and infect soo many computers and control all the infected computer with one server called C2 or command and control server.

Types of DDOS Attack

Dos Attack can be done in multiple ways, how the request will be sent and what method can be used.

  • Ping Flood – Ping work with ICMP echo request, Normally ping sends an ICMP echo request and the server reply back with ICMP echo reply. in this attack, the attacker sends too many ICMP requests to the server.
  • Ping of Death – The attacker sends ping echo message with packet size more than allowed, The maximum ping packet size allowed is 65,535 but the attacker sends packet more than the maximum size.
  • Smurf Attack – Smurf attack again uses the ICMP protocol. The attacker sends ICMP echo requests to the IP broadcast address with a spoofed source IP address of the target. The receiver of the ICMP packet will reply to our target because of the spoofed source IP address.
  • UDP Flood – The attacker sends the UDP packet on the random port to the target server. The target server check the application with the UDP packet but get nothing and reply back to the attacker withDestination Unreachable. Attacker flood the server with this process.
  • HTTP Flood – HTTP flood is a layer 7 (OSI model) based attack where attack sends the HTTP request to the server. It could be an HTTP-GET or HTTP-POST request.
  • SYN Flood – SYN flood or half-open attack exploits the TCP handshake. the attacker sends the SYN packet to the server and the server reply SYN/ACK and waits for the ACK packet and keeps the connection alive. but the server never receives the ACK packet. Mostly server sends a SYN packet with spoof source IP.

Mitigation of DOS Attack

  • CDN – the Content delivery network is one of the methods to prevent DDOS attacks. in divided the network traffic geographically. It distributes the traffic based on their location.
  • Monitoring – Monitoring means checking the traffic flowing to the server. monitoring the traffic will allow you to find the malicious traffic and based on you can take actions like blocking the IP address and malicious pattern.
  • WAF – A Web application firewall allow you to monitor the HTTP traffic and sits in front of your server and also protects you from other web application attacks.

TELEGRAM GROUP for your discussion You can join our telegram channel for free ebooks and other updates. You can follow us on Twitter and Instagram.
Share it.

4 Comments

  1. […] Go back to the home and select the dos attack option (2) and you can see all the network layer dos attack you can perform with pentmenu. you need to enter the target IP and Target Port number, pentmenu also let you spoof the source IP address. if you don’t know all these dos attack types check out the previous blog on Dos attack and types. […]

  2. Yesbet88 스포츠 북
    Yesbet88 스포츠 북

    Love watching pictures of most beautiful bridges !

  3. Billige kattesenge
    Billige kattesenge

    What blogging website had the least invasive ads for free-account users?

  4. Every once inside a even though we pick blogs that we read. Listed below are the newest web sites that we pick.

Leave a Reply