A DoS attack is a denial of service attack where a computer (or computers) is used to flood a server with TCP and UDP packets. A DDoS attack is where multiple systems target a single system with a DoS attack. The targeted network is then bombarded with packets from multiple locations.
The key difference between DoS and DDoS attacks is that the DDoS uses multiple internet connections to put the victim’s network offline whereas the DoS uses a single connection. DDoS attacks are more difficult to detect because they are launched from multiple locations so that the victim can’t tell the origin of the attack. Another key difference is the volume of attack leveraged, as DDoS attacks allow the attacker to send massive volumes of traffic to the victim’s network.
It is important to note that DDoS attacks are executed differently to DoS attacks as well. DDoS attacks are executed through the use of botnets or networks of devices under the control of an attacker. In contrast, DoS attacks are generally launched through the use of a script or a DoS tool like Low Orbit Ion Cannon.
Some hackers carry out such attacks with tools they have coded themselves, while others use existing tools. One such tool widely used for DDoS and DoS attacks is LOIC.
ARP spoofing is used to link an attacker's MAC address to a legitimate network IP address so that the attacker receives data meant for the owner of that IP address.
ARP spoofing is commonly used to steal or modify data but can also be used in denial-of-service and man-in-the-middle attacks or in session hijacking.
Even though DoS attacks are a constant threat to modern businesses and organizations, there are a number of steps you can take to stay protected both before and after a DoS attack. Before implementing a protection strategy, it is important to recognize that we won't be able to prevent every DoS attack that comes our way. That being said, we will be able to minimize the damage of a successful attack.
Preemptive Measures: Network Monitoring
Monitoring your network traffic is one of the best preemptive steps you can take. Monitoring traffic will allow you to see the signs of an attack before the service goes down completely. By monitoring your traffic you’ll be able to take action the moment you see unusual traffic levels or an unrecognized IP address. This can be the difference between being taken offline or staying up.
Most attackers will test your network with a few packets before launching the full attack. Monitoring your traffic lets you watch for these small signs and detect them early, so that you can keep your service online and avoid the costs of unexpected downtime.
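The two signals described in this section, unusual traffic levels and an unrecognized IP address, can be checked side by side. The following is an added example, not code from the original article: it runs both checks over constructed (second, source IP) events and shows that a handful of test packets stays under the volume threshold but is still caught by the unrecognized-source check. The allowlist, the addresses, the 30-second baseline window (assumed to be attack-free) and the multiplier `k` are all assumptions.

```python
from collections import Counter
from statistics import mean, pstdev

# Assumed allowlist of sources normally seen on this service (hypothetical).
KNOWN_SOURCES = {"192.0.2.10", "192.0.2.11"}

def build_sample():
    """Constructed (second, source_ip) events standing in for parsed flow logs."""
    events = []
    for t in range(60):                      # normal load: 5 packets/s
        for i in range(5):
            events.append((t, "192.0.2.10" if i % 2 else "192.0.2.11"))
    for t in (40, 41, 42):                   # a few test packets, one per second
        events.append((t, "198.51.100.7"))
    for t in range(60, 65):                  # flood: 200 packets/s
        events.extend([(t, "198.51.100.7")] * 200)
    return events

def analyze(events, known, baseline_seconds=30, k=4.0):
    """Flag seconds with unusual volume and record when unknown sources first appear."""
    per_sec = Counter(t for t, _ in events)
    # Baseline from the first N seconds; floor the deviation so a flat
    # baseline does not make every small fluctuation an alert.
    base = [per_sec.get(t, 0) for t in range(baseline_seconds)]
    threshold = mean(base) + k * max(pstdev(base), 1.0)
    spikes = sorted(t for t, n in per_sec.items()
                    if t >= baseline_seconds and n > threshold)
    first_seen = {}
    for t, ip in sorted(events):
        if ip not in known:
            first_seen.setdefault(ip, t)
    return {"threshold": threshold, "spike_seconds": spikes,
            "unrecognized_first_seen": first_seen}

if __name__ == "__main__":
    report = analyze(build_sample(), KNOWN_SOURCES)
    print("volume threshold (packets/s):", report["threshold"])
    print("seconds over threshold:", report["spike_seconds"])
    for ip, t in report["unrecognized_first_seen"].items():
        lead = report["spike_seconds"][0] - t if report["spike_seconds"] else None
        print(f"unrecognized source {ip} first seen at t={t}s, "
              f"{lead}s before the first volume alert")
```

In this constructed data the unrecognized source is seen 20 seconds before the volume alert fires, which is the early-warning window the section describes.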
Test Run DoS Attacks:
Unfortunately, you won’t be able to prevent every DoS attack that comes your way. However, you can make sure you’re prepared once an attack arrives. One of the most direct ways to do this is to simulate DDoS attacks against your own network. Simulating an attack allows you to test out your current prevention methods and helps to build up some real-time prevention strategies that can save lots of money if a real attack comes your way.
Post-Attack Response: Create a Plan
If an attack gets off the ground then you need to have a plan ready to run damage control. A clear plan can be the difference between an attack that is inconvenient and one that is devastating. As part of a plan, you want to designate roles to members of your team who will be responsible for responding once an attack happens. This includes designing procedures for customer support so that customers aren’t left high and dry while you’re dealing with technical concerns.
About the Author:
Sanjeev Singh is a Certified Cyber Security Specialist & Professional and the founder of the "CYBER4ALL Community".
His areas of interest are Red Teaming, Offensive Security, Digital Forensics, Malware Analysis, Security Assessments and Pentesting.
He is an active blogger and publisher of cyber security articles on Cyber4All.
LinkedIn Profile: Singhsanjeev617
The articles and tutorials published on this site are performed under safe environments with all safety measures and supervision of Cyber Experts & Professionals. They are intended only for educational purposes and to raise awareness of such activities. This content should not be used for any illegal purposes.
"Performing such things without taking concerns of respective owners of System & Resources is totally illegal and punishable under various IT Acts and Laws."