
Understanding DDoS Attacks


DDoS stands for "Distributed Denial of Service".


A DDoS attack is carried out by a network of machines, hence the notion of a distributed attack.

These machines have been compromised beforehand by cybercriminals, through the spread of malware.


This network of infected machines is also called a botnet.


The cybercriminal executes a DDoS attack by ordering the botnet to saturate the target service with a flood of requests until it becomes unavailable. This is the concept of denial of service.


The target of a DDoS attack can be a specific service, but it can also be a network link, an infrastructure, a website, an application, etc.

Note that with the rise of the IoT (Internet of Things), DDoS attacks have gained in intensity, since cybercriminals enroll unsecured IoT equipment in botnets.


The denial of service prevents the real users of the service from using it.
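Because the flood comes from many botnet members rather than one machine, a per-client rate limit alone will not see it. The following Python detector, an added example that is not code from the original post, reads web-server access log lines in Common Log Format and compares the per-source request rate with the aggregate rate per one-second window; the log lines are constructed for the example (RFC 5737 documentation addresses) and the thresholds are assumptions to tune to a real service's traffic.

```python
"""Added example (not code from the original post): telling a distributed request
flood apart from a single noisy client in web-server access logs.

A per-source rate limit catches one abusive machine, but a botnet spreads the
same load over many sources so that each one stays under the limit. The detector
below therefore looks at both the per-source and the aggregate request rate in
each one-second window. The log lines are constructed for this example (RFC 5737
documentation addresses), and the thresholds are assumptions to be tuned to the
service's real traffic.
"""
import re
from collections import defaultdict

# Common Log Format: ip ident user [timestamp] "request" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) (?P<size>\d+)$'
)


def parse_line(line):
    """Return (source_ip, timestamp_string) or None for an unparseable line."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    # The timestamp has one-second resolution, so it doubles as the window key.
    return m.group("ip"), m.group("ts")


def requests_per_window(lines):
    """Map each one-second window to {source_ip: request_count}."""
    windows = defaultdict(lambda: defaultdict(int))
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip malformed lines rather than crashing the detector
        ip, ts = parsed
        windows[ts][ip] += 1
    return windows


def detect_flood(lines, per_source_limit=20, aggregate_limit=30, min_sources=5):
    """Return a list of (window, kind, total_requests, distinct_sources) alerts.

    kind is "single-source" when one client alone exceeds per_source_limit and
    "distributed" when no single client does but the aggregate rate, spread over
    at least min_sources clients, exceeds aggregate_limit.
    """
    alerts = []
    for ts, by_ip in sorted(requests_per_window(lines).items()):
        total = sum(by_ip.values())
        if any(n > per_source_limit for n in by_ip.values()):
            alerts.append((ts, "single-source", total, len(by_ip)))
        elif total > aggregate_limit and len(by_ip) >= min_sources:
            alerts.append((ts, "distributed", total, len(by_ip)))
    return alerts


def _line(ip, ts, path="/index.html"):
    """Build one constructed access-log line."""
    return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" 200 512'


T0, T1, T2 = [f"10/Oct/2023:13:55:3{s} +0000" for s in (6, 7, 8)]

# Constructed sample: two quiet seconds, then one second in which 12 distinct
# bots each send 4 requests. No bot is individually noisy, yet the service
# receives 48 requests in that second.
SAMPLE_LOG = (
    [_line("203.0.113.5", T0)] * 3
    + [_line("198.51.100.7", T0, "/login")]
    + [_line("203.0.113.5", T1)] * 2
    + [_line(f"192.0.2.{i}", T2) for i in range(1, 13) for _ in range(4)]
)

if __name__ == "__main__":
    for alert in detect_flood(SAMPLE_LOG):
        print(alert)
```

Run on the sample, the detector reports no single-source offender but one "distributed" window with 48 requests from 12 sources, which is exactly the case a per-client limit would let through; in practice the aggregate threshold should be derived from the service's normal peak rather than a fixed number.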


Another variant is the DDoS attack based on reflection and amplification. In this case, the cybercriminals use machines that are reachable on the internet and that have not been compromised.



These machines, called "reflectors", are simply designed to respond to requests from any source.


The cybercriminal sends requests to these reflectors using the victim's IP address as the source IP: the cybercriminal thus spoofs the victim's identity, or rather its IP address.


The reflectors then believe that it is the victim who made the request, and they therefore send their responses to the victim.

The reflectors thus generate traffic that the victim never solicited, and the victim suffers a rebound attack.


What makes this type of attack dangerous is the amplification effect: some protocols generate responses much larger than the request.

We can cite for example the DNS (Domain Name System) or NTP (Network Time Protocol) protocols.

The amplification effect saturates the victim's network bandwidth even faster, which results in a denial of service.
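Seen from the victim's network edge, reflected traffic has a recognisable shape: UDP replies arriving from the DNS or NTP service ports of many different servers, with no matching outbound request from the victim. The following Python code is an added example, not code from the original post: it runs that check over constructed flow records (RFC 5737 documentation addresses) and also computes the amplification factor for a request/response size pair; the byte counts and thresholds are illustrative assumptions, not measured protocol figures.

```python
"""Added example (not code from the original post): recognising reflection and
amplification traffic at the victim's network edge.

The post describes reflectors (DNS and NTP servers, for instance) answering
spoofed requests, so that the victim receives replies it never asked for. Seen
from the victim's side, the signs are inbound UDP replies coming from service
ports with no matching outbound request, and arriving from many distinct
servers at once. The flow records below are constructed for this example
(RFC 5737 documentation addresses); the port numbers are the standard DNS (53)
and NTP (123) ports, while byte counts and thresholds are illustrative
assumptions rather than measured protocol figures.
"""
from collections import defaultdict
from dataclasses import dataclass

# Service ports of the two protocols the post names as amplifiers.
REFLECTION_PORTS = {53: "DNS", 123: "NTP"}


@dataclass(frozen=True)
class Flow:
    """One UDP flow record as a border device would export it."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    nbytes: int
    direction: str  # "out" = leaves our network, "in" = enters it


def amplification_factor(request_bytes, response_bytes):
    """Bytes that reach the victim for every byte the attacker sent to a reflector."""
    return response_bytes / request_bytes


def detect_reflection(flows, min_reflectors=3, min_unsolicited_share=0.8):
    """Return {victim_ip: summary} for our hosts that look like reflection targets."""
    # Requests our hosts genuinely sent, keyed by (our host, server, server port).
    requested = {
        (f.src_ip, f.dst_ip, f.dst_port)
        for f in flows
        if f.direction == "out" and f.dst_port in REFLECTION_PORTS
    }

    per_host = defaultdict(lambda: {
        "inbound_bytes": 0, "unsolicited_bytes": 0,
        "reflectors": set(), "protocols": set(),
    })
    for f in flows:
        if f.direction != "in" or f.src_port not in REFLECTION_PORTS:
            continue
        rec = per_host[f.dst_ip]
        rec["inbound_bytes"] += f.nbytes
        # A reply is unsolicited when our host never sent a request to that server/port.
        if (f.dst_ip, f.src_ip, f.src_port) not in requested:
            rec["unsolicited_bytes"] += f.nbytes
            rec["reflectors"].add(f.src_ip)
            rec["protocols"].add(REFLECTION_PORTS[f.src_port])

    alerts = {}
    for host, rec in per_host.items():
        share = rec["unsolicited_bytes"] / rec["inbound_bytes"] if rec["inbound_bytes"] else 0.0
        if len(rec["reflectors"]) >= min_reflectors and share >= min_unsolicited_share:
            alerts[host] = {
                "reflectors": len(rec["reflectors"]),
                "protocols": sorted(rec["protocols"]),
                "unsolicited_bytes": rec["unsolicited_bytes"],
                "unsolicited_share": round(share, 3),
            }
    return alerts


VICTIM = "203.0.113.10"

# Constructed sample: one legitimate DNS lookup by our host, then replies from
# five DNS servers and one NTP server that our host never queried.
SAMPLE_FLOWS = [
    Flow(VICTIM, 40001, "198.51.100.53", 53, 60, "out"),
    Flow("198.51.100.53", 53, VICTIM, 40001, 120, "in"),
    *[Flow(f"192.0.2.{i}", 53, VICTIM, 40002, 3000, "in") for i in range(1, 6)],
    Flow("192.0.2.9", 123, VICTIM, 40003, 1500, "in"),
]

if __name__ == "__main__":
    print(detect_reflection(SAMPLE_FLOWS))
    print("amplification of a 60-byte query answered with 3000 bytes:",
          amplification_factor(60, 3000))
```

The legitimate lookup is not counted against the host because its outbound request is on record; only the six servers that replied without ever being asked appear as reflectors. The same request/response bookkeeping is what a stateful firewall does implicitly when it drops UDP replies that match no outbound session.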


The motives behind DDoS attacks can be very varied.


In the gaming world, where DDoS attacks are very common, the goal is to slow down or even saturate the other player's bandwidth to prevent them from playing; in general the motive is simply fun or the desire to piss off the other player.

Another case is DDoS attacks carried out by activists. We can take for example the Anonymous group, which has run DDoS attack campaigns against government or terrorist sites; there the motive is rather conviction, in particular the defense of individual freedoms.


Finally, for companies, DDoS attacks are often the harbinger of a larger attack: cybercriminals often use DDoS attacks to test the defenses and reaction capacity of companies.


DDoS attacks also allow cybercriminals to create a diversion, in order to deploy new malware or exfiltrate data at the same time.

Here is a video explaining these fundamentals in more depth:


(Video: Understand DDoS Attack)


Give me your opinion in the comments.



