Saturday, September 18, 2010

The Difference Of DoS vs DDoS

DoS = Denial Of Service
DDoS = Distributed Denial Of Service

Whilst DoS and DDoS sound remarkably similar, there are in fact differences between the two:
DoS
- A DoS Attack is a Denial of Service attack.
- This means that one computer and one internet connection are used to flood a server with packets (TCP / UDP).
- The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources.
- This will make the server inaccessible to others, thereby blocking the website or whatever else is hosted there.
DDoS
- A DDoS Attack is a Distributed Denial of Service Attack.
- In most respects it is similar to a DoS attack but the results are much, much different.
- Instead of one computer and one internet connection, the DDoS attack utilises many computers and many connections.
- The computers behind such an attack are often distributed around the whole world and will be part of what is known as a botnet.

      What Is a Botnet?
  • A large number of computers that have been infected, and effectively hijacked, can be grouped together to achieve a common purpose. This group of hijacked computers is commonly referred to as a ‘botnet’.
  • Cyber criminals, who are often part of global syndicates, can remotely control all of the machines in a botnet whilst retaining almost complete anonymity. Botnets are often utilised for a variety of purposes, all without the user’s knowledge.
  • These nefarious tasks include -
  1. sending huge amounts of spam emails
  2. launching denial of service attacks against targeted websites
  3. spreading viruses
  4. stealing personal information for identity theft attacks
  • Additionally, because botnets are controlled remotely, they can be used to install software, such as keyloggers, which can then be used for monitoring keystrokes on a computer keyboard. This will then typically yield passwords and information about various accounts, such as bank accounts and social networking profiles, allowing the controller(s) of the botnet to commit fraud or propagate the hijacking through other sites.
  • At this moment in time there is no easy method of disabling botnets, as those behind them are extremely clever at hiding their work and re-routing information in order to evade detection. There are a large number of botnets in existence across the globe, the most notable of which is probably Waledac, which is linked to the notorious Conficker worm, and may have several million computers in its network.
    - The main difference between a DDoS attack and a DoS attack, therefore, is that the target server will be overloaded by hundreds or even thousands of requests in the case of the former as opposed to just one attacker in the case of the latter.
    - Therefore it is much, much harder for a server to withstand a DDoS attack as opposed to the simpler DoS incursion.
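
From the defender's side, the one-source versus many-sources difference shows up directly in request logs. The Python below is an added example, not part of the original post: it groups log lines into one-minute windows and checks whether a per-IP rate limit would bring the load back under what the server can handle. The log format, both thresholds and all addresses are constructed assumptions.

```python
from collections import Counter

WINDOW_LIMIT = 200     # assumed: requests per 60 s window the server can absorb
PER_SOURCE_LIMIT = 50  # assumed: per-IP rate limit within one window


def parse_log(lines):
    """Group constructed 'epoch_second source_ip' lines into 60 s windows."""
    windows = {}
    for line in lines:
        if line.strip():
            ts, ip = line.split()
            windows.setdefault(int(ts) // 60, []).append(ip)
    return windows


def analyse_window(sources):
    """Classify one window and show what per-IP rate limiting leaves behind."""
    counts = Counter(sources)
    total = sum(counts.values())
    # Sources that a per-IP limit would throttle.
    blocked = sorted(ip for ip, n in counts.items() if n > PER_SOURCE_LIMIT)
    # Load still reaching the server once every source is capped.
    remaining = sum(min(n, PER_SOURCE_LIMIT) for n in counts.values())
    if total <= WINDOW_LIMIT:
        verdict = "normal"
    elif remaining <= WINDOW_LIMIT:
        verdict = "dos"   # one or few heavy sources: per-IP limiting is enough
    else:
        verdict = "ddos"  # many light sources: still overloaded after limiting
    return {"verdict": verdict, "total": total, "sources": len(counts),
            "blocked": blocked, "remaining": remaining}


def sample_log():
    """Constructed traffic using documentation address ranges, not real data."""
    lines = [f"{i % 60} 192.0.2.{i % 20 + 1}" for i in range(100)]  # window 0
    lines += [f"{60 + i % 60} 198.51.100.7" for i in range(1000)]   # window 1: one flooder
    lines += [f"{60 + i % 60} 192.0.2.{i % 20 + 1}" for i in range(100)]
    lines += [f"{120 + i % 60} 203.0.113.{i % 250 + 1}" for i in range(5000)]  # window 2: 250 sources
    return lines


if __name__ == "__main__":
    for window, sources in sorted(parse_log(sample_log()).items()):
        print(window, analyse_window(sources))
```

In the third window no single address exceeds the per-IP limit, yet the capped load is still far above what the server can absorb, which is why the distributed case is so much harder to withstand.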
