What is a DDoS Attack?
In computer networking, a distributed denial-of-service (DDoS) attack is an attack in which the attacker seeks to render a specific system or network resource temporarily or permanently unavailable to its intended users. DDoS attacks are performed by attackers who control multiple compromised systems. Unlike traditional types of Internet attacks, where a single IP address identifies the attacking system or computer, the underlying principle of DDoS is that the attacker can bring down or damage several systems simultaneously from different computers that have different IPs. During such an attack, the targeted system cannot relay information accurately.
Distributed denial-of-service is one of the most formidable forms of cyberattack, and it can wreak havoc on your business. If you have a server used for your company’s online operation, then a distributed attack against it can bring down many of its important services. A single DDoS attack can take down pretty much anything on the Internet.
How does it work?
A DDoS attack is carried out by a network of devices, ranging from PCs to IoT devices, that have been infected with malware that allows the attacker to control them. The attacker then orders these devices to send many requests, causing a server to be overwhelmed by the number of requests. Of course, there are many variations of this attack, but they all share the basic concept of overwhelming a web server.
How to identify a DDoS attack?
The most obvious indicator is a site or a service slowing down or shutting down completely. However, many reasons can cause these issues, such as legitimate traffic spikes, so you should do some extra investigation. Here are some of the signs you should look for while investigating:
- A large amount of traffic originating from a single IP or a range of IP addresses
- A lot of traffic from users with the same behaviour
- Unexplained requests for a single page
- Spike patterns at odd times.
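The first and third signs above can be checked directly against a web server access log. The following Python is an added example, not part of the original article: it groups Common Log Format lines by minute and flags minutes dominated by one IP, one /24 range, or one page. The thresholds, function names and the sample log are constructed assumptions and need tuning against your own normal traffic.

```python
import re
from collections import Counter, defaultdict

LOG_RE = re.compile(r'^(\d+\.\d+\.\d+\.\d+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*"')

def top(values):  # most common value and its count
    return Counter(values).most_common(1)[0]

def ddos_signs(lines, min_requests=50, ip_share=0.5, path_share=0.8):
    """Map each suspicious minute to a list of (sign, value, request_count)."""
    buckets = defaultdict(list)
    for raw in lines:
        m = LOG_RE.match(raw)
        if m:  # malformed lines are skipped
            ip, ts, path = m.groups()
            buckets[ts[:17]].append((ip, path))  # ts[:17] is dd/Mon/yyyy:HH:MM
    report = {}
    for minute, hits in buckets.items():
        total = len(hits)
        if total < min_requests:  # too quiet to judge (assumed threshold)
            continue
        found = []
        ip, n = top(ip for ip, _ in hits)
        net, n24 = top(ip.rsplit(".", 1)[0] + ".0/24" for ip, _ in hits)
        if n / total >= ip_share:
            found.append(("single_ip", ip, n))
        elif n24 / total >= ip_share:
            found.append(("ip_range", net, n24))
        path, n = top(p for _, p in hits)
        if n / total >= path_share:
            found.append(("single_page", path, n))
        if found:
            report[minute] = found
    return report

def entry(ip, hhmm, i, path):
    return f'{ip} - - [10/Oct/2024:{hhmm}:{i % 60:02d} +0000] "GET {path} HTTP/1.1" 200 512'

def sample_log():
    """Constructed access log: one normal minute, two abnormal ones."""
    log = [entry(f"10.{i}.0.5", "12:00", i, f"/page{i % 10}") for i in range(60)]
    log += [entry(f"203.0.113.{i}", "03:14", i, "/login") for i in range(1, 81)]
    log += [entry(f"10.{i}.0.5", "03:14", i, f"/page{i}") for i in range(10)]
    log += [entry("198.51.100.7", "03:15", i, f"/item/{i}") for i in range(70)]
    log += [entry(f"10.{i}.0.5", "03:15", i, f"/page{i % 10}") for i in range(30)]
    return log

if __name__ == "__main__":
    print(ddos_signs(sample_log()))
```

A flagged minute is a lead for investigation, not proof of an attack: a legitimate traffic spike, or many users behind one NAT address, can trip the same thresholds.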
How To Deal With DDoS Attacks?
As we mentioned above, always try to locate the IP addresses responsible for the attack and block them; however, this won’t be possible in some situations, so here are some steps you can take to mitigate the damage.
- Software packages for your web server, such as mod_reqtimeout, which ships with Apache, can help defend against DDoS attacks
- Increase server power
- Use load balancers to spread the DDoS load across multiple servers
- Set up a firewall application
Consider hiring a DDoS mitigation service such as Cloudflare.