Before defining what a DDoS or Distributed Denial of Service attack is, the (standalone) DoS attack must first be identified in order to avoid confusion between the two similar terms. First off, a Denial of Service or DoS attack is exactly as its name describes it to be—it's a method hackers use in order to deny services to regular users, usually in the form of a flood of requests from different servers to make a given website unavailable for browsing by virtue of overloaded traffic. Now, the difference between a DDoS (Distributed Denial of Service) attack and a DoS (Denial of Service) attack all hinges on a single word: Distributed, which implies wide distribution from multiple sources. To put it simply, DoS attacks refer to single-host attacks, while DDoS attacks refer to larger, bigger, and numerous multi-system ones (usually involves zombie agents or botnets).
Moreover, DoS attacks encompasses any attack that specifically compromises systems to limit the availability of their services, including DDoS ones. An attacker that mounts an attack from a single host is doing a DoS attack, while a hacker that instead uses over a thousand or more systems to launch at the same time corporate-scale smurf attacks, fraggle attacks, or any other type of bandwidth consumption attacks against a remote host is doing a DDoS attack; it's all a matter of scale and the numbers game. Whenever a sheer multitude—arguably a botnet army—of compromised systems overwhelm the servers of a single targeted network or website with a distribution of requests and whatnot, therefore causing the denial of service for users of the system, then it is considered a DDoS attack.
The deluge of incoming messages, traffic, and whatnot to the intended target basically compels it to shut down or burn out altogether from the excess bandwidth usage from sources other than its own regular visitors and other legitimate users. The average DDoS attack goes like this. The black hat starts his nefarious deed by first taking advantage of an unpatched vulnerability in a given computer system and turning it into the DDoS master system of sorts. Afterwards, this master system is used by the intruding cracker to identify and communicate with other systems that also possesses the same vulnerability and can be cracked as well.
After the online outlaw has amassed thousands of compromised systems at his disposal, he can then load cracking tools of all shapes and sizes he either wrote himself or got off the worldwide web. You don't even need to be an expert hacker to do this either; you can be a script kiddie with loads of cracking tools you got off the Internet and it could still work out splendidly in the end. Once everything is set up accordingly, all you need to do is launch a single command in order to instruct your zombie agents to launch a combined, multi-system flood of redundant requests, spam, and so forth on a specified website, email system, network, and so forth.
|➤ Related pages|
Powerful UTM Firewall, Vulnerability Scanner, WiFi Penetration Testing software
SecPoint is specialized to deliver the best IT security solutions and products.