DDoS - Distributed Denial of Service : Explained

DDoS is an acronym which stands for Distributed Denial of Service. A DDoS attack is generally carried by a spiteful hacker to make a computer resource like a website, application, e-mail, voicemail, network, etc. to stop responding. This is done by giving a command to remotely- controlled computers to send millions of messages in order to flood the network to its target computer resource. The target then loses its capability to filter the legitimate users and gets busy in responding to malicious requests sent by the hacker. This can even cause the target system to stop responding all together and might result in long delays and outages.

Distributed Attack

You might have figured out by now from the first paragraph itself how serious a DDoS attack could be, but what do you mean by “Distributed”? The DoS attacks have “Distributed pre-attached because these attacks comes from many computers at once. The hacker, or in this case also known as a DDoS’er controls a large number of computers to affect the target and these computers are affected by Trojan virus. A virus is basically an application that allows a computer to get remotely accessed and controlled without the knowledge of the actual user.

A Zombie and a Botnet

Ok! This might sound you the characters of some fictional Hollywood movie, but in technical language, virus infected computers are known as zombies as they are under complete command of DDos’er. A large group of such zombie systems is called a robot network or botnet.

There may be a chance that your system is a part of a botnet and you have not realized it. You may or may not notice any difference, you might feel your system is running slow, but that could be the result of your computer becoming a zombie and is busy catering to malicious requests. You might find out that your computer is a part of botnet if your internet service provider drops your service as your computer might be sending an unusually high number of requests.

DDoS command-and-control server

DDoS command-and-control server is an infected web server from where the infected zombie system receive commands in a botnet. DDoSers who have access to a command and control (C&C or CC) server can recruit the botnet to launch DDoS attacks. More than 4,000 command and control servers and more than one million zombies have been identified worldwide. They have been tracked and have been notified to law enforcement groups to get them disabled when possible.

Types of DDoS attacks

There are a number of DDoS attacks, they have different network components to be targeted – routers, appliances, firewalls, applications, ISP’s and data centers. Till past there has been no easy way to prevent DDoS attacks but now FireBlade has proven a good DDoS protection approach that has minimized the damage and will let your system keep working even during an attack.

A number of methods have been identified by DDoS attackers to attack their target. One of the very famous malicious Hacker group for example, is Anonymous, it started of its malicious activities with a tool that could Launch Layer 7 DDoS attacks and Layer 3 DDoS attacks from any computer. These attacks were being able to be detected easily because they have a common code with their signature attack.

This is more or less like a cat mouse chase, once cat learns the moves of mouse the mouse changes its directions, similarly once the keepers got hold of attackers they change they path of attacking by randomizing their signatures and encrypting their codes.

Application- Layer DDoS attacks are much more difficult to recognize but FireBlade's DDoS mitigation system have resources and expertise to handle such attacks. Their anti DDoS systems, monitor and analyze such attacks and block them, hence safeguarding their clients. FireBlade is one stop protection solution against all kinds of DDoS attacks or for the fact any other security attacks.

Application Layer 7 DDoS Attacks

They might not create high volumes of network traffic but they surely harm your website in a higher devastating way. Their methods of attacks are quite harmful as they can activate some areas of web application and might post different usernames and passwords or might target shopping cart or a search engine.

Several famous e-Commerce outages are a result of the Layer 7 application attack. The biggest issue with catching these goons are, anything a visitor can access an attacker can too this they both look similar to an It administrator.