It's been a while since a mass of traffic hitting a website and shutting it down was called the Slashdot effect. Since those heady days of the early 2000s, distributed denial-of-service (DDoS) attacks have become intentional and diverse.
These days, you need to watch out for a variety of types of DDoS attacks. Some showcase more sophistication than others, and all devastate your website when you need it up and running.
Fortunately, DDoS attacks are one of the less common cyber attacks. Still, no reason to take chances. Outsource your network needs to a managed IT service to keep ahead of attacks.
Check out this rundown of the most common (and frustrating) types.
Types of DDoS Attacks
Attacks slowed after the late 2018 FBI takedown of the most notorious sites that initiated attacks.
Because a DDoS attack is an end result and not a specific method, protecting yourself against one requires a broad knowledge base. Even so, hackers rely on known vectors, so understanding some attacks prepares you for variations on the theme.
1. Floods
Whether the vector is UDP, DNS, or HTTP, a flood attack overwhelms resources.
Each type targets different aspects of the server and relies on different exploits. The HTTP flood draws on partial knowledge gained through phishing or data procurement before the attack. This knowledge is used to craft requests that seem legitimate, lengthening the time before the attack is noticed.
2. More Floods
The floods above waste resources on the server's end. A ping flood and a SYN flood both waste bandwidth.
A ping flood sends an overwhelming number of pings, each of a size that must be answered in kind. A SYN flood takes advantage of the three-way handshake by making numerous connection requests until the system fails to answer them all.
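To see how a SYN flood looks from the defender's side, the following added example (not code from the original article) replays connection events and flags the moment a listening port accumulates too many handshakes that never receive their final ACK. The event format, the 30-second timeout, the alert threshold, and the sample addresses are all assumptions made for the illustration.

```python
from collections import defaultdict

HALF_OPEN_TIMEOUT = 30.0  # assumed: seconds a SYN may wait for its final ACK
BACKLOG_ALERT = 5         # assumed: alert threshold per port (tiny for the demo)

def find_syn_backlog_alerts(events, timeout=HALF_OPEN_TIMEOUT, limit=BACKLOG_ALERT):
    """Replay (time, src_ip, src_port, dst_port, flag) events and return
    (time, dst_port, half_open_count) each time a port's count of unfinished
    handshakes rises above `limit`."""
    pending = defaultdict(dict)  # dst_port -> {(src_ip, src_port): syn_time}
    alerting = set()             # ports currently over the limit
    alerts = []
    for ts, src, sport, dport, flag in sorted(events):
        conns = pending[dport]
        # Drop half-open entries the server would already have given up on.
        for key in [k for k, t in conns.items() if ts - t > timeout]:
            del conns[key]
        if flag == "SYN":
            conns[(src, sport)] = ts
        elif flag == "ACK":
            conns.pop((src, sport), None)  # handshake completed
        if len(conns) > limit:
            if dport not in alerting:
                alerting.add(dport)
                alerts.append((ts, dport, len(conns)))
        else:
            alerting.discard(dport)
    return alerts

def constructed_events():
    """Constructed sample: normal clients on 443, then SYNs that never complete."""
    events = []
    for i in range(3):  # normal clients: SYN, then the final ACK 50 ms later
        src = f"198.51.100.{i + 1}"
        events.append((float(i), src, 40000 + i, 443, "SYN"))
        events.append((i + 0.05, src, 40000 + i, 443, "ACK"))
    for i in range(8):  # varying (possibly forged) sources, no ACK ever arrives
        events.append((10 + i * 0.25, f"203.0.113.{i + 1}", 50000 + i, 443, "SYN"))
    return events

if __name__ == "__main__":
    for ts, port, count in find_syn_backlog_alerts(constructed_events()):
        print(f"t={ts:.2f}s port {port}: {count} half-open handshakes")
```

Counting per listening port instead of per source address keeps the check useful when the source addresses are forged.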
3. Ping of Death
Also known as PoD, this attack method uses inflated packets to crash a system. An attacker sends the oversized packets to the system, creating a memory overflow as the system attempts to deal with each one.
To make things more difficult, hackers use a variety of packet types, from UDP and IPX to TCP and ICMP echo.
4. Smurf Attack
This is the first attack on this list that uses malware as its trigger. The smurf malware amplifies a ping-flood-style attack, generating larger payloads.
5. SNMP Reflection
Taking advantage of the remote network management used by sysadmins, this attack forges IPs. The forged IPs make SNMP requests across a system. The more devices in the network, the faster the attack bottlenecks the network.
6. Amplification Attacks
Amplification attacks, whether DNS or NTP, build on the concept of reflection attacks. The publicly accessible portions of a system receive inflated packets that overwhelm the system.
The designation, Network Time Protocol (NTP) or Domain Name System (DNS), indicates the approach type.
7. Fork Bomb
Taking advantage of parent and child processes inside the environment, a virus makes recursive forks. The system attempts to locate information for a task but never comes back from the labyrinth, thus eating resources and causing a crash.
It's hard to keep your business running if your website isn't up. Even a short outage gives the impression of data vulnerability to your customers. Protect yourself from these types of DDoS attacks with top-notch website security.