How DoS Attacks Work

Read this to understand the objective of a denial of service (DoS) attack. When a DoS attack occurs, what happens to a system? Be able to explain how a DoS and a DDoS attack are related and how they differ.

Denial-of-service attacks are ubiquitous. They're ongoing, and service providers are constantly under these types of attacks. They're really difficult to eliminate, and most service providers will simply throw more bandwidth at the problem. Providers receive a large number of requests over the Internet, and that traffic can be aimed at their routers, their servers, and so on.

DoS attacks are different from other attacks: they're not trying to get access to your network or to the information on it. They're basically trying to make services and applications unavailable for their typical use. So they will exhaust CPU cycles, use up RAM, fill up page files on servers, and overwhelm routing buffers on interfaces. They can also be used to deny service to IDS or IPS sensors that are trying to do their job.

There are many different types of denial-of-service attacks. Some of them are fairly trivial; some are extremely dangerous. One example is the DDoS attack, which generates a much higher level of flooding traffic and distributes the attack from a single machine to an entire network. It uses a group of compromised machines that run remotely controlled agents, or zombies. So DDoS attacks are kind of like a botnet: a master control mechanism directs and controls the agents. You could consider a bot almost like an advanced form of distributed denial-of-service attack. However, the botnet is of course trying to leverage the connection from the compromised host back to the darknet or back to the servers.

So you can consider DDoS attacks the next generation of DoS attacks. What we see now are tools more advanced than that, because many firewalls and sensors are aware of the most common distributed DoS tools and have countermeasures built into them.
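The difference between a single-source DoS and a distributed one shows up directly in request logs, and it explains why a DDoS is harder to filter. The following is an added example, not part of the original course text: it classifies constructed traffic per time window and measures how much of each flood a simple per-source limit would drop. The function names, thresholds and sample addresses (documentation ranges) are assumptions made for illustration.

```python
from collections import Counter, defaultdict

def classify_windows(events, window=10, max_total=50, dominant_share=0.8,
                     per_source_limit=5):
    """events: iterable of (epoch_seconds, source_ip).

    Returns {window_start: (verdict, dropped_fraction)} where verdict is
    'normal', 'dos' (one source dominates the flood) or 'ddos' (the flood is
    spread over many sources), and dropped_fraction is the share of requests
    a per-source limit would reject. Thresholds are illustrative assumptions.
    """
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts - ts % window][src] += 1

    results = {}
    for start, per_src in sorted(buckets.items()):
        total = sum(per_src.values())
        dropped = sum(max(0, n - per_source_limit) for n in per_src.values())
        if total <= max_total:
            verdict = "normal"
        else:
            top_count = per_src.most_common(1)[0][1]
            verdict = "dos" if top_count / total >= dominant_share else "ddos"
        results[start] = (verdict, dropped / total)
    return results

def sample_events():
    """Constructed traffic covering three 10-second windows."""
    events = []
    # Window 0: ordinary load, 20 requests from 5 clients.
    events += [(i % 10, f"198.51.100.{i % 5}") for i in range(20)]
    # Window 10: one machine sends 200 requests next to 10 ordinary ones.
    events += [(10 + i % 10, "203.0.113.7") for i in range(200)]
    events += [(10 + i % 10, f"198.51.100.{i % 5}") for i in range(10)]
    # Window 20: 150 agents send only 2 requests each.
    events += [(20 + i % 10, f"192.0.2.{i % 150}") for i in range(300)]
    return events

if __name__ == "__main__":
    for start, (verdict, dropped) in classify_windows(sample_events()).items():
        print(f"window {start:>2}: {verdict:<6} per-source limit drops {dropped:.0%}")
```

In the constructed data the per-source limit removes most of the single-machine flood but none of the distributed one, because every agent stays under the limit while the aggregate still exceeds capacity.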


Source: https://www.learncisco.net/courses/iins/common-security-threats/threats-in-borderless-networks.html
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 License.

Last modified: Thursday, April 15, 2021, 2:54 PM