What Is a DDoS Attack
DDoS (Distributed DoS) builds on DoS and has become the most popular method of DoS attack because it can cause more serious effects easily and quickly. The DDoS architecture is divided into three layers: the attacker layer, the main controller host layer, and the broker host layer. The attacker controls all the hosts that send the attack code to the broker hosts. A controller host may be any host on the internet, and their number is very large.
The broker hosts carry out the actual attack when they receive the command from the controller host. The attacker cannot be found easily because the attack passes through several steps and the attacker's information is hidden.
What Is a DoS Attack
With the development of networks and the internet, the DoS attack has become the most popular attack in network security. DoS stands for Denial of Service.
Network security has become an increasingly serious concern with the rapid development of network technology and applications. The DoS attack is one of the most popular intrusion methods and often causes great economic loss and impact. Studying DoS attack principles and detection methods is imperative, and new technology for dealing with DoS must keep pace because the attack tools and techniques of hackers are gradually improving.
Network attacks and network security coexist, and there is no absolutely secure network environment. There are many reasons for the growth of DoS. Vulnerabilities in system software and application programs are published, and rogue software often appears on the internet. Computer viruses and Trojans often destroy programs and systems. These can lead to DoS attacks. Because some attackers can use DoS to make money, it has become a money-making tool. There are many methods of implementing a DoS attack.
DoS is defined as a condition in which normal users cannot get a service because a hacker has seized it using various attack methods, which can destroy the system and network or occupy computer resources such as RAM, CPU, and network bandwidth.
How a DoS Attack Takes Place
An attacker sends a large number of service requests with false addresses. The server sends a response message back to the sender and waits for a reply from the client. Because the addresses are forged, the server never gets a reply and must wait a long time until the connection times out and is cut. While the server waits, the resources allocated for the request cannot be released. If the number of requests is very large, the server's resources are eventually used up, so new users cannot get the service and the attack succeeds.
The attack can also paralyze the firewalls and routers of the target network and lead to network congestion.
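The resource exhaustion described above can be reproduced with a small model of the server's table of pending requests. This is an added example, not part of the original article; the table size, timeout and request rates are constructed values, and `simulate` is a hypothetical helper name.

```python
from collections import deque


def simulate(backlog, timeout, forged_per_sec, legit_per_sec, seconds):
    """Model a server's table of pending (unanswered) requests, one tick = 1 s.

    Forged requests never get a reply, so each holds a slot until `timeout`
    seconds pass. Legitimate requests complete within the tick and hold nothing.
    Returns (legit_served, legit_refused, peak_pending).
    """
    pending = deque()  # expiry times of forged entries, oldest first
    served = refused = peak = 0
    for now in range(seconds):
        # Timed-out entries are cut and their slots released.
        while pending and pending[0] <= now:
            pending.popleft()
        # Forged requests arrive first in each tick (worst case for the server).
        for _ in range(forged_per_sec):
            if len(pending) < backlog:
                pending.append(now + timeout)
        peak = max(peak, len(pending))
        # A legitimate client is served only if a slot is still free.
        for _ in range(legit_per_sec):
            if len(pending) < backlog:
                served += 1
            else:
                refused += 1
    return served, refused, peak


if __name__ == "__main__":
    # Constructed values: 128 slots, 10 forged and 5 legitimate requests per second.
    for timeout in (60, 5):
        served, refused, peak = simulate(128, timeout, 10, 5, 120)
        print(f"timeout={timeout:>2}s served={served} refused={refused} peak={peak}")
```

Pending entries settle at roughly the forged request rate multiplied by the timeout, so the table fills only when that product exceeds the number of slots. Shortening the timeout or enlarging the table raises the rate the server can absorb before new users are refused.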
Trinoo - uses UDP floods to produce a distributed denial of service
TFN (Tribe Flood Network) - uses ICMP, SYN flood, UDP flood and Smurf attacks
XOIC - a simple DDoS tool
LOIC (Low Orbit Ion Cannon)
HOIC (High Orbit Ion Cannon)
This article is for educational purposes only. Please do not use any of these tools, as they can cause critical damage to infrastructure.