What is DDoS?
Distributed Denial of Service (DDoS) attacks target online services and suspend or interrupt them, making them inaccessible to users. These attacks can be especially harmful when they target services such as online banking, and they are a nuisance for other websites as well. They can target a variety of resources and make it difficult for users to access their accounts and important information. What distinguishes a denial of service (DoS) attack from a distributed denial of service (DDoS) attack is that when the latter occurs, your computer may be used by an attacker to target another computer. The ‘distributed’ part refers to the use of multiple computers in carrying out the attack. This is what tends to trouble users in particular: the fact that their own computers are being used to attack others’ computers.
There are several types of DDoS attacks that can be divided into three categories: protocol attacks, volume-based attacks, and application-layer attacks. In protocol attacks, the main objective is to consume the resources of servers or of other communication equipment such as firewalls and load balancers. This category includes specific attacks such as Ping of Death, SYN floods, Smurf DDoS, fragmented packet attacks, and more.
Volume-based attacks are typically carried out with the objective of overwhelming the bandwidth of the attacked website with a high-volume flood of packets or connections. These are typically the most common DDoS attacks and include UDP and ICMP floods.
Lastly, application-layer attacks are typically carried out with the intention of crashing the web server. Depending on the number of network connections needed to reach the applications, some of these attacks can be more effective than others. Specific attacks within this category may include attacks that target vulnerabilities within Windows, OpenBSD, and Apache, as well as GET/POST floods and low-and-slow attacks.
What Can I Do to Protect My Site?
Any sort of attack on your computer is troublesome, but with DDoS attacks there are precautions you can take to protect your site. Unfortunately, in these situations, detecting the actual source or target of the attack can be difficult. There isn’t necessarily any way to ensure you won’t be the victim of a DDoS attack, but there are certain precautions you can take to reduce the likelihood.
For instance, you can install anti-virus software and keep it maintained. You can also install firewalls, which tend to be one of the most common stateful devices used to mitigate threats. Firewalls contain a stateful packet inspection (SPI) engine that can look into packet flows to determine application-level details and connection information. You can configure them to monitor the level of traffic entering and leaving your computer.
Other precautions include:
- Occasionally running a script to monitor recent traffic counts
- Considering cloud-based anti-DDoS solutions to avoid malicious DDoS traffic
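A minimal version of the traffic-count script mentioned in the list above, added here as an illustration and not part of the original article. It assumes a web server access log in common/combined log format; the function names, limits and sample log lines are constructed for the example.

```python
import re
from collections import Counter
from datetime import datetime, timedelta, timezone

# Assumption: common/combined log format, client address first, time in [brackets].
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"

def recent_counts(lines, now, window):
    """Count requests per client address seen in the `window` ending at `now`."""
    counts, skipped = Counter(), 0
    for line in lines:
        m = LINE_RE.match(line)
        try:
            ts = datetime.strptime(m.group(2), TS_FORMAT) if m else None
        except ValueError:
            ts = None
        if ts is None:
            skipped += 1  # malformed line: count it, do not crash the monitor
        elif now - window <= ts <= now:
            counts[m.group(1)] += 1
    return counts, skipped

def traffic_report(lines, now, window=timedelta(minutes=5), per_client_limit=100, total_limit=1000):
    """Summarise recent traffic and flag counts above the (hypothetical) limits."""
    counts, skipped = recent_counts(lines, now, window)
    total = sum(counts.values())
    # A distributed flood can keep every single client under its limit,
    # so the overall request count is checked as well.
    noisy = [(ip, n) for ip, n in counts.most_common() if n > per_client_limit]
    return {"total": total, "total_exceeded": total > total_limit,
            "noisy_clients": noisy, "skipped": skipped}

def sample_log():
    """Constructed sample input (documentation address ranges), not real traffic."""
    now = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    def entry(ip, age):
        stamp = (now - age).strftime(TS_FORMAT)
        return f'{ip} - - [{stamp}] "GET / HTTP/1.1" 200 512'
    lines = [entry("192.0.2.10", timedelta(seconds=s)) for s in range(150)]
    lines += [entry("198.51.100.7", timedelta(seconds=30 * i)) for i in range(5)]
    lines.append(entry("203.0.113.5", timedelta(minutes=20)))  # outside the window
    lines.append("not a log line")
    return lines, now

if __name__ == "__main__":
    lines, now = sample_log()
    print(traffic_report(lines, now))
```

The limits only mean something relative to your site's normal traffic, so measure a baseline first and set them above it.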
Protecting your site from a DDoS attack isn’t a lost cause, but it’s also important to realize that it cannot always be prevented. The best thing you can do to avoid such an attack is to take legitimate precautions such as those outlined here and make yourself aware of the warning signs that accompany the attacks.