DoS Attacks vs. DDoS Attacks


DoS Attacks

A Denial-of-Service (DoS) attack is a simple and effective way to attack a server. Its purpose is to make the attacked host or server deny access to normal users and to disrupt the normal operation of the system. Internet users cannot reach the attacked server or host, and the server eventually fails. The attacker first sends a large number of service requests with fake IP addresses to the victim server. After receiving each request, the victim returns a confirmation message and waits for the attacker to confirm. Because the request information sent by the attacker is fake, the server never receives that confirmation and stays in a waiting state, and the resources allocated to the request are not released while it waits. After the victim has waited for a certain period of time, the connection is dropped due to timeout. At that point the attacker sends new requests with fake information again. In this way, the server's resources are exhausted until it is paralyzed.

DDoS Attacks

The Distributed Denial-of-Service (DDoS) attack is a large-scale attack mode based on DoS. A DoS attack is only an attack by a single machine against a single machine, whereas a DDoS attack uses a group of controlled zombie hosts to attack one host. Its intensity against a server host is much more serious and more destructive than that of a DoS attack. First, DDoS attackers need to find zombie hosts: they look for hosts on the Internet with backdoor vulnerabilities and then intrude into those systems to install control programs. These zombie hosts launch attacks on the victim server under the unified command of the attacker. Because this attack mode operates behind the scenes, it is difficult to monitor. DDoS attackers usually target relatively large sites, such as those of commercial companies, search engines, and government agencies.

Mitigation

  • Regularly scan the network, check for possible security vulnerabilities, and fix newly found vulnerabilities in a timely manner;
  • Configure a firewall;
  • Make full use of load balancing equipment such as routers and firewalls to protect network resources;
  • Filter unnecessary services and ports.
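
A defender can watch for the waiting state described in the DoS section by counting half-open connections on each listening socket. The following is an added example, not part of the original article; the sample lines are constructed in the column layout of `ss -tan`, and the function name, the `backlog` value and the `warn_ratio` threshold are assumptions.

```python
from collections import Counter

# Constructed sample in the column layout of `ss -tan` (not real capture data).
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN    0      128    0.0.0.0:443         0.0.0.0:*
ESTAB     0      0      192.0.2.10:443      198.51.100.7:51514
SYN-RECV  0      0      192.0.2.10:443      203.0.113.5:40001
SYN-RECV  0      0      192.0.2.10:443      203.0.113.77:40002
SYN-RECV  0      0      192.0.2.10:443      203.0.113.140:40003
SYN-RECV  0      0      192.0.2.10:443      203.0.113.201:40004
"""

HALF_OPEN = {"SYN-RECV", "SYN_RECV"}  # spellings used by ss and netstat


def half_open_report(text, backlog, warn_ratio=0.5):
    """Summarise half-open connections per listening address.

    backlog is the assumed size of the listener's half-open queue;
    warn_ratio is an assumed alert threshold on how full that queue is.
    """
    counts = Counter()
    sources = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in HALF_OPEN:
            continue  # header, LISTEN, ESTAB and other states are ignored
        local, peer = fields[3], fields[4]
        counts[local] += 1
        # Strip the port so repeated requests from one address count once.
        sources.setdefault(local, set()).add(peer.rsplit(":", 1)[0])
    report = {}
    for local, count in counts.items():
        fill = count / backlog
        report[local] = {
            "half_open": count,
            "distinct_sources": len(sources[local]),
            "fill": fill,
            "alert": fill >= warn_ratio,
        }
    return report


if __name__ == "__main__":
    for listener, stats in half_open_report(SAMPLE, backlog=8).items():
        print(listener, stats)
```

Because the request addresses are fake, `distinct_sources` tends to be close to `half_open`, so the queue fill level is a more useful signal than any per-address count.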

 


 


Credits:

https://cyware.com/news/understanding-the-difference-between-dos-and-ddos-attacks-9b92ae37