DDoS attack: what it is and how it works
Websites and servers are often victims of DDoS attacks, which leave their pages unreachable for a while. But what exactly is a DDoS attack, and how does it work? We'll explain it to you.
DoS or DDoS attack: what is it?
In both cases, the letters DoS are an abbreviation for "Denial of Service", that is, a refusal to serve. A program or an entire system no longer performs its tasks correctly and, in the worst case, even crashes completely. This happens either through carelessness or through a deliberate attack from outside. There are basically two types of DoS attacks:
- A DoS attack starts from a single system. The attacker repeatedly sends a large number of requests to the server. As a result, the website stops responding or can only answer regular requests slowly.
- However, it is more effective to exploit known vulnerabilities in the system and crash it. All that is needed for this attack is Internet access to the system.
- DDoS attacks are usually much more successful. The additional letter stands for "distributed", i.e. an attack distributed over many systems.
- The attackers often use botnets, large networks of hijacked computers that are directed at a single target. If thousands of computers from a botnet send numerous requests to a website at the same time, it is quickly overloaded.
This is how you can protect yourself against DoS attacks
If you run a webshop or your own website, such an attack can be very expensive. It is therefore important that you secure yourself in advance. There are several possibilities for this:
- Set up a firewall including blacklists. If a DoS attack is carried out from a fixed IP, you can simply block it. Then the requests from this IP are no longer processed.
- Also use SYN cookies. The server then no longer keeps invalid connections open, so you are well protected against a so-called SYN flooding attack.
- If you are running a large website, you should distribute the server load. Although this is a little more expensive, it is also more secure: the server distributes all requests to several computers working in parallel and thus avoids overloading a single one.
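
An added example (not part of the original article) of how the firewall blacklist from the first item could be fed: it counts requests per source IP in a sliding window over web-server access log lines and returns the IPs worth blocking. The log lines, the 10-second window and the 20-request limit are constructed assumptions; the distributed sources in the sample each stay under the limit, which shows why blocking single IPs helps against a DoS attack from a fixed IP but not against a DDoS attack.

```python
from collections import defaultdict, deque
from datetime import datetime

WINDOW_SECONDS = 10   # assumed sliding window
MAX_REQUESTS = 20     # assumed per-IP limit within the window


def parse_line(line):
    """Return (ip, timestamp) from a common-log-format line, or None if malformed."""
    try:
        ip = line.split()[0]
        stamp = line[line.index("[") + 1:line.index("]")]
        return ip, datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
    except (ValueError, IndexError):
        return None


def blocklist_candidates(lines, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
    """IPs that sent more than `limit` requests within any `window` seconds."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = set()
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue              # skip malformed lines instead of crashing
        ip, ts = parsed
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window:
            q.popleft()           # drop requests that fell out of the window
        if len(q) > limit:
            flagged.add(ip)
    return sorted(flagged)


def sample_log():
    """Constructed sample: one flooding source, many low-rate sources."""
    fmt = '{ip} - - [12/Mar/2024:10:00:{s:02d} +0000] "GET / HTTP/1.1" 200 512'
    # Single source: 60 requests in 6 seconds (documentation range 203.0.113.0/24).
    lines = [fmt.format(ip="203.0.113.7", s=i // 10) for i in range(60)]
    # Distributed: 50 sources, 3 requests each, all under the per-IP limit.
    lines += [fmt.format(ip=f"198.51.100.{n}", s=r * 2) for n in range(1, 51) for r in range(3)]
    lines.append("garbage line without timestamp")
    return lines


if __name__ == "__main__":
    for ip in blocklist_candidates(sample_log()):
        print(ip)
```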