What does DDOS Mean?


To put it simply, DDOS stands for Distributed Denial Of Service – that probably still doesn't answer the question “what does DDOS mean?”, but it does tell you what the initials stand for.

What does DDOS Mean?

To understand what DDOS actually means, we should look at a little bit of background first. The younger brother of a DDOS attack is a DOS attack – or Denial of Service Attack.

Denial of Service (DOS)

This is an attack made by a single party on a system – normally a server – and as the name implies, the attack's purpose is to deny service to that server.

The attacker will accomplish this task by sending a continuous barrage of bogus requests to the server, to the extent that all of the server’s resources are consumed by responding to this “flood” of requests and it can no longer handle any legitimate requests.

These specific attacks are now fairly easy to prevent – because a DOS attack by its nature comes from a single location, most hardware firewalls can now detect a DOS attack as it is starting and simply block the originating IP or MAC address from communicating with the servers behind it – effectively rendering the attack useless.

What does DDOS mean and how is it different from DOS?

You may have already noticed the key difference between the first type of attack and the second – it's the word “Distributed” that makes all of the difference here. A Distributed Denial of Service attack is effectively the same attack as above, except that it no longer originates from a single device or location. Instead its source is distributed – sometimes between thousands or even hundreds of thousands of offending computers.

Bandwidth charts representing a DDOS attack in progress


If we think back to the prevention methods for a DOS attack, we know that it's relatively easy to find the source address and block it at the perimeter of our network, thus rendering the attack useless. If we are facing a distributed denial of service attack, however, we potentially have a source address from every device that is performing the attack, and that could be hundreds of thousands of devices. To prevent such an attack we would have to block hundreds of thousands of devices at the perimeter, whilst also potentially letting hundreds of thousands of other (legitimate) requests through the firewall. Aside from it being very difficult to distinguish between malicious and genuine connection requests, performing that “door check” alone would consume an enormous amount of resources.


DDOS is A Street Protest on the Internet

For those reasons, preventing a DDOS attack is extremely difficult and thus it has become the attack of choice in recent years, and is often referred to as the “Street Protest” of the Internet age.
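An added example (not part of the original article) of why the per-source blocking described above stops a DOS attack but not a DDOS attack: a per-IP request counter run over constructed traffic. The window length, the per-IP limit and all addresses are assumed values chosen for illustration.

```python
from collections import Counter
import ipaddress

WINDOW = 10         # seconds per counting window (assumed value)
PER_IP_LIMIT = 50   # requests per source per window before blocking (assumed value)

def windows(requests, window=WINDOW):
    """Group (timestamp, src_ip) records into fixed windows: {index: Counter(ip)}."""
    buckets = {}
    for ts, ip in requests:
        buckets.setdefault(int(ts // window), Counter())[ip] += 1
    return buckets

def per_source_blocklist(requests, limit=PER_IP_LIMIT, window=WINDOW):
    """Sources that exceed the per-IP limit in any window (the classic DOS defence)."""
    return {ip for counts in windows(requests, window).values()
            for ip, n in counts.items() if n > limit}

def peak_load(requests, window=WINDOW):
    """Largest total request count seen in any single window."""
    return max(sum(c.values()) for c in windows(requests, window).values())

def addr(base, i):
    """Constructed address: base plus an offset, as a dotted string."""
    return str(ipaddress.ip_address(base) + i)

# Constructed traffic, all inside one 10-second window.
# 20 legitimate clients sending 5 requests each.
legit = [(i % 10, addr("192.0.2.0", i % 20 + 1)) for i in range(100)]
# DOS: one source sends 500 requests on top of the legitimate traffic.
dos = legit + [(i % 10, "203.0.113.7") for i in range(500)]
# DDOS: 1000 sources send 5 requests each, the same rate as a legitimate client.
ddos = legit + [(i % 10, addr("198.18.0.0", i % 1000)) for i in range(5000)]

if __name__ == "__main__":
    for name, traffic in (("DOS", dos), ("DDOS", ddos)):
        blocked = per_source_blocklist(traffic)
        print(f"{name}: peak load {peak_load(traffic)} requests/window, "
              f"{len(blocked)} source(s) over the per-IP limit")
```

In the distributed case the total load is far higher, yet no single source crosses the per-IP limit, so the blocklist stays empty.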

Why would someone perform a DDOS attack?

A DDOS attack is a malicious strike on a server – or more specifically on the company that owns a server. It is often performed as revenge for a perceived wrongdoing, and sometimes simply as a message to a company for practices that are perhaps disliked by the attackers.

There have been many high profile DDOS attacks over the last 10 years on security agencies, banks and even movements such as the Scientology movement. You can learn more about them in an interesting article here.

How would someone perform a DDOS Attack?

Performing a DOS attack is fairly easy – there are lots of tools available that will accomplish the task, but as stated previously it is not an effective attack today.

A DDOS attack is much harder to perform as it involves lots of attack sources by its nature. The most common way to perform a DDOS attack is with a compromised network of computers in your arsenal – or a Botnet as it is typically known.

A Botnet is a network of computers – often ordinary home PCs – that have been compromised by the attacker without their owners' knowledge, usually by means of infecting the computer with a hidden virus or Trojan horse. The computer will act as normal for the owner, but behind the scenes it is under the control of the attacker and will often send periodic signals over the Internet to a Botnet Controller owned by the attacker, as a way of “calling home” and also to receive updates and commands. When the attacker is ready to strike they will send a command out to all of the computers in the botnet, instructing them all to perform a similar set of tasks – such as sending a certain type of packet or request to the victim over and over again.

Different Types of DDOS attack

Whilst a DDOS attack always has the same intention, it can be accomplished with different types of attack, and more specifically by sending different types of requests to the victim server, such as:

  • Internet Control Message Protocol (ICMP) flood
  • (S)SYN flood
  • Teardrop attacks
  • Peer-to-peer attacks

What does DDOS Mean in LOL?

LOL or League of Legends is an online PC game and in recent times it has suffered a lot of DDOS attacks on its servers. Being an online game LOL has game servers that manage player information, scores, interactions and so on.

Attackers have discovered that by targeting these game servers they can severely disrupt the game – be it to send a message to the game owners, or perhaps to certain players of the game – it's easy to imagine a disgruntled player that may be taking revenge on another player.

What does DDOS mean in Minecraft?

Again it's a similar scenario: an attacker will target the servers that are responsible for running Minecraft, often as a disgruntled player's revenge.

How do you Prevent a DDOS attack?

As we have discussed, DDOS attacks can be very difficult to prevent, but sometimes we are able to mitigate them.

One of the common ways to mitigate a DDOS attack is to effectively expand the network that you are behind. This is often accomplished by using a CDN (Content Delivery Network) such as Cloudflare. Cloudflare enables a web server to distribute requests over lots of servers (owned by Cloudflare): they handle DNS requests and distribute the traffic to various servers around the world, depending on the location of the source request.

As such, a DDOS attack on a system behind Cloudflare will also be spread out over all of those servers – so for example, if Cloudflare had 100 servers, the attack would be watered down by 100 times.

Even that method of mitigation is not always successful, and in fact Cloudflare themselves have also been the target of some DDOS attacks.

