DOS Attack is more like Kung Fu
When we punch someone once, maybe he can walk on his own feet but what about 10 Punches? Or 100? Or 1000?
He can get injured or maybe unconscious or even die.
Similarly when we are using a website (watching video, filling forms or just clicking stuff) we are punching it once and the website runs normally.
But have you ever faced a situation like “The website is currently busy or unavailable”
It happens when a lot people are punching it (using it), like when they announce our board results website often crashes because thousands of students try to check their results and the server can’t take that much load.
So how to crash a website without using thousands of people? Well, how can you punch multiple times in a small fraction of time? The answer is Kung Fu.
Well we don’t need Kung Fu in case of websites/servers but a technique called DoS (Denial Of Service). This attack is used to crash the website or to make it slow.
There are many programs/scripts that can send many request to a website in one second (like thousands of users are trying to open it in one second) and make it crash.
Well when DoS is performed by many computers (or should I say devices?) simultaneously on the same server/website it is called an Distributed Denial Of Service (DDOS) Attack.
So now imagine 10 people punching one guy constantly…Can he survive?
No way man and its better than that Kung Fu (DOS Attack). DDOS is mainly caused by Botnets.
Botnet is network of many hacked computers which is connected to a core computer from where a hacker can use all of them to perform DOS Attack and hence it will called a DDOS Attack.
Types Of DOS Attack
There are Basically three types of DoS attacks
Like Kung Fu have different techniques like “Snake, Mentis, Dragon etc.”
There is no best style as every attack has its own specialty. You can’t defeat all enemies with one type of attack (i will not talk about Tekken here).
Every opponent (website/server) has its own weakness so we have to choose our attack type according to the weakness.
1. Volume Based Attack:
In this attack we simply sends a large volume of packets to the target. This attack is used to saturate the bandwidth of the attacked website. Decrease in bandwidth means it will unable to serve other legitimate users trying to access the website . This attack includes ICMP floods, UDP floods, and other spoofed-packet floods.
2. Protocol Level Attack:
Simply, this type of attack directly attacks the server. It tries to eat up all resources of the server or intermediate systems as Firewalls, Intrusion Detection Systems (IDSs) etc.
This attack includes fragmented packet attacks, SYN floods, Smurf DDoS etc.
3. Application Layer Based Attacks:
This attack is your “Special” attack as it targets the Layer 7. It can finish the target in minutes if the target is vulnerable to it. It targets the software (Application layer) like windows, openBSD, Apache etc. A great example is Apacher Killer, it is a program which targets Apache servers and is able to take them in less then in a minute if they have not applied the vulnerability patch.
So I tried to introduce you to DDOS attacks with this article. I hope you liked.
I will write more articles in this series soon like which tools are the best and what kind of..shh…its a surprise. See ya later mate.
Also Read: How data travels over Internet? TCP/UDP