DoS & DDoS attacks

Introduction

Security is the priority for any organization. Preventing attacks and making the system secure is the most important task for any developer.

To prevent any attack, we should have a good understanding of the attack and how it works.

In this article, we are going to discuss DoS and DDoS attacks and in the next article, we will implement how to fix it in .Net Core.

We are going to cover.

1. What is a DoS attack?
2. What is a DDoS attack?
3. Difference between DoS and DDoS.
4. Types of DoS and DDoS attacks.
5. How to identify DoS/DDoS attacks?

Let us start with the DoS Attack.

What is a DoS Attack?

Denial Of Service is a cyber-attack that makes servers or other devices unavailable to its end users.

Let us discuss this concept in simple words.

As we all know, servers or computers have limitations to processing a number of request at a time based on server/computer configuration like RAM, hard disk, etc. If you exceed the requests, then that server will be too busy processing those requests and become unavailable. This kind of attack is called Denial of service.

Let us see the below image.

Victims of the DoS attacks are mostly banking, Media, Government, Commercial, etc.

What is a DDoS Attack?

Distributed Denial of Service is a DoS attack that uses multiple systems from distributed locations to flood requests to target servers or resources.

As attackers send requests from distributed systems and locations, this attack is difficult to identify compared to a DoS attack.

Let us see in the below image.

Victims of DDoS attacks are Internet shopping sites, online casinos, etc.

Difference between DoS and DDoS?

Both types of attacks overload the servers/websites with a flood of requests to disrupt services provided by the server/web application.

DDoS can be done using multiple compromised systems to flood the request from distributed locations.

DoS attack can be done by flooding N number of requests to crash or shut down the system from the same location.

Types of DoS and DDoS attacks

There are many types of DoS and DDoS attacks available in the market, but few of the important attacks are.

1. Teardrop Attack
2. Flooding Attack
3. IP fragment Attack
4. Volumetric Attack
5. Protocol Attack
6. Application-based attack

How to identify DoS/DDoS attacks?

Identifying this kind of attack is not easy as you suspect that the server is not responding due to high traffic.

Below are a few hints that help to identify such attacks.

1. Too many requests were received from the same IP address.
2. Terribly slow network performance. Not opening files or a particular website.
3. Server response with 503 error code (Unavailable error).
4. Log analysis solution shows a massive spike in traffic.

In all the above hints, I believe, the best way to identify such an attack is by monitoring and analyzing network traffic.

Hope you understand the DoS and DDoS attacks. In the next article, I will explain to you how to prevent these attacks in the .Net Core.