Additional information (dd)

DoS and DDoS attacks

Definition:

DoS attack: Denial of Service. DDoS attack: Distributed Denial of Service.

A DoS attack differs from a DDoS attack in that a DoS attack comes from a single computer, while a DDoS attack comes from a network of (infected) computers. DoS attacks saturate a system's resources with the goal of impeding its response to service requests.

A DDoS attack on a website is designed to overwhelm the resources of a system to the point where it is unable to reply to legitimate service requests, which often results in a complete shutdown. Usually a botnet of infected computers creates a vast number of requests. This kind of attack doesn't allow the malicious hacker to breach the site's security, but it will temporarily or permanently render the site offline. However, DDoS attacks are often used together with other methods: the hacker's goal is to distract the security systems while exploiting a vulnerability. With a successful DoS or DDoS attack, the system often has to come offline, which can leave it vulnerable to other types of attacks.

Protecting your site against a DDoS attack is generally multi-faceted:
- First, you need to use a reputable hosting provider. Good hosting companies will do things like regular pen testing, which is a controlled way to test for vulnerabilities, as well as performing diligent and consistent network monitoring.
- Then you can mitigate the traffic peak by using a Content Delivery Network (CDN), a load balancer and scalable resources.
- You also need to deploy a Web Application Firewall (WAF) in case the DDoS attack is concealing another cyberattack method, such as an injection or XSS. The WAF detects whether requests sent to your site are legitimate. Imposter requests can then be discarded, allowing normal traffic to flow without interruption.
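
As an added example (not from the original page), the network monitoring mentioned above can separate the two cases from the definition: overload from a single computer (DoS) versus overload spread across many computers (DDoS). The thresholds, function names and sample addresses are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Assumed thresholds; tune them to the site's normal traffic baseline.
WINDOW_SECONDS = 10
MAX_REQUESTS_PER_WINDOW = 100  # aggregate load the service handles comfortably
DOMINANT_SHARE = 0.8           # one source sending >= 80% of requests

def classify_windows(events):
    """events: iterable of (unix_timestamp, source_ip).
    Returns {window_start: (label, total_requests, distinct_sources, top_source)}."""
    windows = defaultdict(Counter)
    for ts, src in events:
        windows[int(ts) // WINDOW_SECONDS * WINDOW_SECONDS][src] += 1

    verdicts = {}
    for start, per_source in sorted(windows.items()):
        total = sum(per_source.values())
        top_src, top_count = per_source.most_common(1)[0]
        if total <= MAX_REQUESTS_PER_WINDOW:
            label = "normal"
        elif top_count / total >= DOMINANT_SHARE:
            # Single origin: rate-limiting or blocking one address is enough.
            label = "dos"
        else:
            # Many origins, none dominant: per-address blocking will not help,
            # so the load has to be absorbed (CDN, load balancer, scaling).
            label = "ddos"
        verdicts[start] = (label, total, len(per_source), top_src)
    return verdicts

def build_sample():
    """Constructed request log using documentation-only address ranges."""
    events = []
    # Window 0: ordinary traffic, 5 clients sending 4 requests each.
    events += [(i % 10, f"192.0.2.{i % 5 + 1}") for i in range(20)]
    # Window 10: one client sends 300 requests next to 20 ordinary ones.
    events += [(10 + i % 10, "198.51.100.7") for i in range(300)]
    events += [(10 + i % 10, f"192.0.2.{i % 5 + 1}") for i in range(20)]
    # Window 20: 200 distinct clients send 2 requests each.
    events += [(20 + i % 10, f"203.0.113.{i % 200 + 1}") for i in range(400)]
    return events

if __name__ == "__main__":
    for start, verdict in classify_windows(build_sample()).items():
        print(start, verdict)
```

The same per-request volume (2 requests per client) that looks harmless for one address is what makes the third window a DDoS: only the aggregate count reveals it.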

Examples: the most common types of DoS and DDoS attacks are the TCP SYN flood attack, teardrop attack, smurf attack, ping-of-death attack, and botnets.

 
