DDoS Attack Types

Because there are literally dozens of different types of DDoS attacks, it’s difficult to categorize them simply or definitively. The three most common categories recognized industrywide are volumetric, protocol, and application layer, but there is some overlap in all of these. For example, some protocol attacks can also be volumetric.

What’s more important than trying to perfectly categorize attacks is to understand the variety of methods attackers have at their disposal to perpetrate DDoS attacks. It’s just as important to understand that attackers will target any vulnerable part of your infrastructure, from the network all the way up to the application and its supporting services. (For a unique look at how modern apps are constructed and where they’re vulnerable to all types of attacks, not just DDoS, see Apps Are Like Onions; They Have Layers.)
Volumetric attacks, also known as floods, are the most common type of DDoS attack. They typically send a massive amount of traffic to the targeted victim’s network with the goal of consuming so much bandwidth that users are denied access. As we’ve already seen, attackers often use botnets to increase the volume of traffic hitting the target network or server. This has aided attackers in launching massive DDoS attacks, which can range from hundreds of gigabits per second to terabits per second—well beyond the capacity that most organization can handle on their own networks.

Protocol attacks. Instead of targeting higher level resources such as a web server, protocol attacks (sometimes called “computational” or “network” attacks) deny service by exploiting either weaknesses in or the normal behavior of protocols—typically OSI layer 3 and layer 4 protocols such as ICMP (Internet Control Message Protocol), TCP (Transport Control Protocol), UDP (User Datagram Protocol), and others. The goal is to exhaust the computational capabilities of the network or intermediate resources (such as firewalls), resulting in denial of service. Because protocol attacks deal at the packet level, they are typically measured in packets per second.

More Info: what are ddos attacks

Comments

Post a Comment

Popular posts from this blog

Tech Industry Takes the Lead in Redefining Work

One common theme during the pandemic has been an acceleration in the changes taking place at work. Whether it is cloud adoption, remote working or general workforce practices, the rapid response to restrictions has driven new thinking about long-term operations. Many tech firms have been out in front when it comes to redefining how work gets done. Examples include: Major companies such as Twitter, Facebook, Google and Microsoft extending remote work policies until the end of the year or indefinitely. Tech firms such as Zoom, Uber, Snap and Pinterest joining a coalition aimed at improving conditions for working parents. Salesforce launching work.com as a resource to help businesses reopen safely. Most businesses realize that digital transformation is only partially about the technology. The real key to transformation is changing workflow and culture. Technology tools open up new possibilities, but the full potential is not realized if the processes and behavior stay the same. No one kn
Read more

CompTIA A+ 220-1001 and A+ 220-1002 exam

Nowadays CompTIA certification is getting popular day by day. I am glad that you are interested in CompTIA A+ 220–1001 and 220–1002 certification. If you are really want to get the newest and valid PDF notes CompTIA A+ certs than simulationexams is one of the best sites. The PDF Form of A+ (220–1001) and (220–1002) Cram Notes is intended to help you pass the exam, providing wide coverage of latest A+ objectives and a few scenario type questions to enable you to understand the concepts. While CompTIA's A+ certification is a great way to get your foot in the door for general IT work, they also offer a range of more specialized certifications. If you have a very clear idea of where you want your blossoming IT career to head, or if you already have a good base of IT knowledge, you can begin to consider how you would like to specialize. Network+ certification or CompTIA Cloud Essentials are both great add-ons to an A+ Certification. The IT field is continuously growing at an accelera
Read more

Questions a+ certification

As always, CompTIA exams like to really test how well you follow instructions. Read the questions slowly and thoroughly. Then read the question again. I found myself flustered with a very simple question. Here’s what happened: On the 902 exam, one of the interactive questions asked to configure a new disk while accounting for future redundancy. Simple enough! So I went to initialize it and set the partitions as requested. There was a second disk available. I tried to configure a mirrored array. CompTIA simulations are very limited and won’t let you really click on a wrong answer. I couldn’t configure a mirrored array and got frustrated. I flagged the question for later to avoid wasting time. At last I returned with forty minutes left to answer. Suddenly, my error come apparent. They asked me to configure the disk for future redundancy, not redundancy right now. I set it to a dynamic disk and called it a day. This is the kind of stuff they love to throw at you in a CompTIA exam. A few
Read more