What are DDoS Attacks?

DDoS stands for “Distributed Denial of Service”, which is the more harmful cousin of DoS “Denial of Service”. The distributed part means that the attack is being carried out on multiple computers, usually spread across the nation or world. These attacks are very simple in nature but very difficult to stop, think of these attacks similar to if you kept calling a local pizza place than hung up every time someone answered. These calls would deny other customers from placing their order because you were constantly tying up the phone line. Say the pizza place had an option to block your calls based on your phone number, the lines could be free again and people could order their pizzas. That is an example of a single DoS attack, however a DDoS attack would be if you had access to hundreds of different phone numbers to call the pizza place so the pizza place would not be able to distinguish if the caller wanted to place a legitimate order or was a part of this attack.

DDoS Diagram
Source: www.niiconsulting.com

These attacks on websites and servers are very similar to this pizza place metaphor, attackers have access to what is known as “botnets” which are infected computers that they control to spam websites and servers with bogus “packets” (chunks of data). The result of this is either the server becomes very slow, inaccessible to legitimate users, or in the worst case completely crashes. As you might imagine firewalls try to filter out these packets and may succeed but the problem still remains that even blocking these requests takes up processing resources of the firewall which may eventually crash or overwhelm the firewall, causing it to stop functioning properly.

What can be done?

  1. Buy more bandwidth for your server or website to hopefully prevent slowdowns from the attacks.
  2. Set up routers and firewalls to block packets from known sources of attacks and obvious attack patterns.
  3. Call your ISP (Internet Service Provider) to explain the situation and see if they can take any action including mitigation.
  4. Hire a mitigation company such as Cloudflare or Akami who takes the brunt of the attack on their servers then filters out legitimate traffic to yours. (These can be very costly but worth every penny if you’re on online merchant and stand to lose thousands for every second your servers are down).

In my opinion these attacks will only get worse in time as bandwidth availability is steadily increasing all over the world and the generation of hackers are becoming more clever and brilliant every day.

2 thoughts on “What are DDoS Attacks?

  1. Tim Reply

    Hi, ive been getting attacked on xbox live for the past few days after I made someone mad and they found my IP address somehow. I’ve tried unplugging the router a bunch of times to see if that would help but im still getting attacked, is there anything i can do to stop this?

    • Connor Maher Post authorReply

      Hi Tim, unfortunately I’ve read experiences like yours are very common especially when a competitive game is being played. My guess would be that your attacker is attacking from a single device (most likely his home computer) after finding your IP address using any number of tools for this purpose and attacking using a basic network stressing tool. Luckily this form of attack is easier to protect against, there are a few options you have:

    • Contact your ISP and tell them what is going on, if they are a good company they should assist you with this or point you in the right direction
    • If you have a dynamic IP address (meaning it possibly changes in time) you can try waiting it out until a new IP address is assigned to you and avoid your attacker if you know their online identity
    • Go into your routers settings and look at the network logs to see where the attacking source is coming from and block that IP address.
    • Thanks for your comment and I hope you find a speedy resolution to your problem. If you give me your router model I can look into a more in depth solution. – Connor

Leave a Reply

Your email address will not be published. Required fields are marked *