DDoSPedia is a glossary that focuses on network and application security terms with many DDoS-related definitions. It provides a central place for hard-to-find definitions on this topic that are otherwise scattered across the web.
Distributed Denial of Service attacks or DDoS are a variant of Denial-of-Service attacks where an attacker or a group of attackers employ multiple machines to carry out a DoS attack simultaneously, therefore increasing its effectiveness and strength. The "army" carrying out the attacks is most often composed of innocent infected zombie computers manipulated as bots and being part of a botnet controlled by the attacker via a Command and Control Server. A botnet is powerful, well-coordinated and could count millions of computers. It also ensures the anonymity of the original attacker since the distributed denial of service attack traffic originates from the bots' IPs rather than the attacker's. In some cases, mostly in ideological DDoS attacks, this "army" could also be composed of recruited hackers/hacktivists participating in large distributed denial of service attack campaigns (
DDoS attacks are hard to detect and block since the attack traffic is easily confused with legitimate traffic and difficult to trace.
There are many types of DDoS attacks targeting both the network and the application layers. They could be classified by their impact on the targeted computing resources (saturating bandwidth, consuming server resources, exhausting an application) or by the targeted resources as well:
Distributed denial of service attacks usually comprise more than three attack vectors, thus increasing the attacker's chances to hit its target and escape basic DoS mitigation solutions.
During distributed denial of service attacks on any of the layers mentioned above, there is an attempt to stop legitimate visitors from accessing the data normally available on the website, access private data, vandalize a site, or completely shut down a service. This can happen to sites and businesses in any industry - from financial services such as banks to e-commerce or B2B.
During the attack, the attackers may flood a network with requests and information. Flooding can be accomplished by a dedicated group of attackers voluntarily using their own machines - such as from a "hacktivist" group or other organized entity - or they can hijack machines to use for the attack. They may also scan applications and servers for possible exploits, or attempt to force access to sensitive data.
The motives for attack may differ - from "hacktivism" to criminal intent - and the methods can change. A robust security suite is necessary to ensure that your networks and sites are protected from the latest advances in this constantly evolving landscape. Radware offers a host of solutions that will keep your assets protected from intruders and hackers with fast updates and responses to new methods of attack.