DDOS Attacks and How to Prevent Them

Background

Chidinma has been trying to get on The Way Forward site for about 20 minutes but it isn't loading. She checks with the security department and she is informed her that they're under attack.

There are several times more than the usual number of requests to connect to the site, but none of the computers where they’re coming from seem to exist. It’s like a distributed denial of service (DdoS) attack.

Malicious users often disrupt web services with distributed denial of service (DDoS) attacks. These attacks send so much junk to a server that real traffic can’t get through. It’s a very old and effective technique that malicious users often employ to try and shut down a website.

What is a DDoS attack?

To understand a DDoS attack, we’ll talk about denial of service and distributed denial of service attacks. The main difference between the two is in the number of attackers. A denial of service (DOS) attack comes from one person or network, while a distributed denial of service attack (DDoS) uses many computers from networks all over the world. This amplifies the attack, and makes it harder for the target to protect itself.

How a Denial of Service attack works

Simply, a DOS floods a server with a huge amount of fake traffic, giving it far too many connection requests to handle, raising its bandwidth, tapping out its memory and eventually preventing real users from connecting to the server.

But even when a botnet uses many computers to open up a large number of connections, this is still quite hard to do. So, attackers can magnify the attack by using fake IP addresses. The attacking machine sends a connection request to the server using a fake IP address. The server responds and waits indefinitely for a further response – keeping the connection open – but none comes because the IP address was fake. The botnet repeats the process, making the server keep a lot of useless connections open and lose more and more memory until can’t cope any more and shuts down.

The strategy works and has slowed or crashed prominent websites. However, companies  have begun to take precautions.

Defending against a DDoS attack

There are a few defences.

  • FilteringThis works when routers on the network are programmed to detect and disconnect DDoS connections.

 

  • Moving defencewhich takes place when the target site’s IP address is changed if the attack is pointed at a particular IP address.
  • Blackholing, or directing all traffic to a fake web address.
  • The last is to simply use Content Delivery Networks (CDNs) like CloudFlare or Incapsula.


Continue the conversation.


Visit forum.safeonline.ng to post comments and get advice from a community of security experts

Read next article How To Protect the Transfer of Sensitive Data

Related articles

Prevent Hackers from Impersonating You by Sending Emails that Look Like Yours

Nasir, has just received an email claiming to be from his boss, asking him to drop the current case they were investigating with good leads and take a break . He is confused because the email address is just the same as his boss.

Protecting your Website Against Attacks Using Web Application Firewall

Nasir launched a website to enable the public report any case of human trafficking. Since the launch, there has been series of attacks against the website. He does not know how to protect against these types of attacks because he is not a security expert.

Most Common Digital Attacks

Nazir who works with Dundun Media house has a basic idea about IT security which he uses to protect himself online but he's still amazed by the ingenuity and determination of cyber criminals to break into computer networks. He wants to know the common ways in which his system can be breached.