What Is The Denial Of Service Attack?
|Last Updated on 2 years by Touhid
A denial-of-service (DoS) attack is malicious attack where legitimate users are unable to access the computer systems, services or network resources. The service may be websites, online web based application, email, financial software and others application. In this post, we will discuss on, what is the denial of service attack and how to prevent denial of service attack.
Table of Contents
What is the Denial of Service Attack?
What is the denial of service attack? A DoS attack is type of cyber-attack that shut down a system or network and making the system is unavailable to its intended users. In DoS attack, the attacker flooding the target system by sending massive amounts of traffic and the system is unable to access, resulting in denial of service attack. In that case, the legitimate users such as employees, visitors and members are unable to access the system until the normal traffic is processed.
Typically, DoS attack flood web server, service, application or network with malicious traffic of an organization or individuals in order to overwhelm the victim’s resources.
There are several signs or symptoms when a DoS attack happened, which are as follows:
- Unavailability of Website or applications
- Degradation of network performance
- Receiving usual volume of spam email
- Inability to access a website
We know that, phishing is type of cyber attacks, which main aim is to steal sensitive information but Denial-of-Service attack doesn’t usually do that. The main target of DoS attack is loss of reputation of an organization. The organization may be top level of the country such as government, banking, commerce and other financial sectors.
Learn More about Phishing attack
Already, we have discussed on what is the denial of service attack ? Now, we will discuss on Distributed Denial of Service Attacks (DDoS).
Distributed Denial of Service Attacks (DDoS)
A DDoS attack is a cyber attack to interrupt normal traffic of a targeted website, service, server, or network. In DoS attack, the malicious data or requests are sent from a specific source but in the DDoS attack, the malicious requests are sent from multiple systems or sources to disrupt the services.
Typically, the DDoS attacks involve many “zombie” systems. The “zombie” or “bot” is a compromised computer or network that has previously compromised and controlled by an attacker or malware.
Then the “zombie” sends massive amounts of malicious data or requests to a targeted website, service, server, or network to disrupt the services.
Learn more about Malware.
In above, we have defined what is the Denial of Service Attack? and Distributed Denial of Service Attack. Now, we will explain different types DDoS Attacks.
Types of DDoS Attacks
There are three types or techniques of DDoS attacks, which are as follows:
- Network-centric or volumetric attacks
- Protocol attacks and
- Application layer Attack
1. Network or Volumetric Attacks
Volumetric attacks is common types of DDoS attack, where the entire bandwidth of a network is consumed. Once the bandwidth has been consumed by an attacker, then authorized or legitimate users will not be able to access the resources within the network.
Volumetric attacks happen when the attacker flooding the network devices such as hubs or switches with ICMP echo requests until there is no more bandwidth available.
In volumetric attacks, the attackers send huge number of malicious requests to the target system in order to overwhelming the network equipment, servers, or bandwidth resources.
2. Protocol Attacks
The Protocol attack is another denial of service attack, which focuses on exploiting a weakness in Layer 3 or Layer 4 of the OSI (Open Systems Interconnection) network model.
Typically, this type of attack consumes the capacity of web server’s resources, or any other network hardware such as firewalls and load balancers. Finally, the result is inaccessible of service to the intended users.
3. Application Layer Attack
Application layer attacks is a type of malicious attack which has designed to floods the specific applications in order to slow or crash the application. So, the applications are unable to deliver content to the intended user.
In application layer attack, the attacker flooding the target system by sending millions of traffic to a particular service and the system is unable to access, resulting in denial of service attack. The most common target of attacker is web servers.
This layer is also known as “top” layer 7 (L7) in the OSI network model and closest to the end user’s interaction. In this layer, internet requests such as HTTP GET and HTTP POST take place.
Prevention of Denial of Service Attack
It is very difficult to prevent DoS attack. However, here are the best recommendation for avoiding and stopping the Dos attack.
- Purchase More Bandwidth
- Protect DNS Servers
- Use Network Firewall And Web Application Firewall
- Maintain Strong Network Architecture
- Configure Network Hardware
- Build Redundancy Into Your Infrastructure
- Deploy A DDos Protection Appliance
1. Purchase more Bandwidth
The first and key tips to avoid DoS attack is purchase more Bandwidth. You have to make ensure that you have enough bandwidth to handle any kind of malicious traffic that can disrupt on services.
Since, the attacker consume the bandwidth in the entire network to interrupt the service so, you have to purchase sufficient bandwidth to run the service.
However, this is a safety measure to run your service, but not a DoS attack solution.
2. Protect DNS servers
Cyber attackers are very smart on new technology. They can shut down your website, application, and web servers by attacking DNS servers. If the attacker can get access your DNS servers then, they can shut down your all websites and web servers.
That’s why you have to make ensure that you have redundancy DNS servers and connected with different network. It is better if you placing the DNS servers physically (different countries/regions) in different data centers.
3. Use Network firewall and Web application firewall
To protect from denial of service attack you should use network firewalls, web application firewalls and load balancers also in your data center.
A web application firewall (WAF) is an application based cyber security tool which is designed to protect websites, applications by filtering and monitoring HTTP harmful traffic between a web application and the internet.
WAF will protect your websites, application, and web server. It will allow legitimate traffic and blocking the malicious traffic.
The most used Web Application Firewalls are as follows:
- Fortinet FortiWeb
- Citrix NetScaler App Firewall
- F5 Advanced WAF
- Radware AppWall
- Symantec WAF
- Barracuda WAF
- Imperva WAF
- Sophos XG Firewall
- SonicWallNSa
Learn more about Web Application Firewall (WAF)
4. Create Strong Network Architecture
It is very important to secure your network architecture in order to protect from Dos attack or other malicious attacks. You may secure or create strong network architecture by using the following tools and techniques:
- Keep Your Systems Up to Date
- Use Antivirus and Firewall Solutions
- Use web application firewall
- Maintain the Load balancing of the web server
Every organization should have redundant web servers, hardware and network resources to smooth running of the services. If one server is attacked by attacker then other server can handle or operate the network traffic.
5. Configure Network Hardware
If you have firewall or router in your network, then you need some configuration changes which may protect from DNS and volumetric attacks. When you will configure your firewall or router then simply block the DNS responses from outside your network or drop incoming ICMP packets.
6. Build Redundancy into Your Infrastructure
If an attacker can successfully initiate a DDoS attack against your web servers, then the result is inaccessible of service to the end users. So, it is very important to build multiple data center such as redundant network and hardware infrastructure.
It is essential to ensure that the data centers should geographically in different location and should connect with different network.
However, if one data center is affected by malicious traffic then other unaffected data center can handle the legitimate traffic.
Conclusion
A DoS attack occurs when intended users are unable to access the services such as email, websites, application, online accounts, or other services. It has impact on organization both time and cost when their services are affected and inaccessible to the users.
Finally, it is very difficult to prevent DoS attack. However, we can maintain the above tips to avoid and stop from Denial of service attack. Hope the article “what is the denial of service attack” and DDoS attack will be helpful for you!!!