DDoS Attacks and Protection
by Jennifer Watson Blogger | Writer | Social Media GeekA DDoS (Distributed Denial of Service) attack makes online services
unavailable. This is done by overwhelming online services with traffic from
multiple sources. Hackers target a wide variety of important resources, from
banks to news websites. This makes it near impossible for people to publish or
access important information.
Types of DDoS Attacks:
There are
four main categories of DDoS attacks.
1.
TCP
Connection Attacks
TCP connection attacks work by occupying connections. The main goal
behind these attacks is to use all the available connections to infrastructure
devices like application servers, load balancers, and firewalls. TCP connection
attacks can even take down those devices that can maintain state on millions of
connections.
2.
Volumetric
Attacks
Volumetric attacks work by using up bandwidth. These types of attacks
consume the bandwidth within target network/service and the rest of the
Internet or within the target network/service. The main goal behind these
attacks is to cause congestions.
3.
Fragmentation
Attacks
Fragmentation attacks send a flood of UDP or TCP fragments to the
victims. This completely overwhelms the victim’s ability to reassemble the
streams which, in turn, reduce their performance.
4.
Application
Attacks
As the name suggests, application attacks work by directly targeting the
applications. The main goal here is to overwhelm a precise aspect of either an
application or a service. Application attacks are very effective even with very
few machines generating a low traffic rate.
Amplification Types
The most
problematic aspect of DDoS attacks is that there are ways through which the
attacks mentioned above can multiply the traffic they send.
1.
DNS
Reflection
This type of attack amplification method is also called “small request,
big reply attack” because malicious entities start by sending a very small
request to the DNS server. After that, they ask the server to a very large
reply to the intended victim. This amplifies the original attack and
effectively overwhelms the target.
2.
Chargen
Reflection
Even today, a lot of computers and internet connected printers support
Chargen which is a very outdated service. Chargen allows someone to ask the
device to reply with a steady stream of random characters. Chargen is mostly
used to amplify attacks very similar to DNS attacks.
DDoS Protection
The best
way to effectively protect your business from any form of DDoS attack is to
hire a competent security service. The Australian based company Lean Security specializes in managed security testing service that guarantee the
overall protection of your web and mobile application.
The DDoS Protection
Service offered by Lean Security adds a barrier between outside sources and
your web servers which, in turn, block out traffic that appears to be malicious
or attacking in nature.
DDoS
Protection Services especially come handy for E-Commerce websites, where if an
overload of malicious traffic attacks occurs then the website gets shut down
and affects your businesses’ ability to earn money.
Lean
Security’s DDoS Protection Service offers:
·
Comprehensive DDoS Protection
·
Easy and Fast Implementation
·
Managed by Security Professionals
To
avail Lean Security’s security
testing services, check out http://www.leansecurity.com.au/
Sponsor Ads
Created on Dec 31st 1969 18:00. Viewed 0 times.