attacks

What are DoS and DDoS Attacks?

What is the difference between DoS and DDoS?  (Photo credit: Kevin Ku)

What is the difference between DoS and DDoS? (Photo credit: Kevin Ku)

A “Denial of Service” (DoS) attack involves disrupting a computer or network and making it unavailable to users. This can be accomplished by exploiting a vulnerability in the system. One common DoS method is to flood the network with requests to overload it, which stops legitimate requests from coming through.

A “Distributed Denial of Service” (DDoS) attack is a DoS attack that comes from multiple coordinated sources. This is often achieved by using a botnet, which is a network of private computers maliciously being controlled without consent from the owners. A botnet has strength in numbers and is able to overwhelm a target by abusing protocols such as DNS, ICMP, and Network Time Protocol.

Here are some ways to protect yourself against DoS and DDoS attacks:

  • Use a multi-level defense strategy. This could include Intrusion Prevention and Detection Systems, firewalls, VPNs, content filtering, secure backups, and more depending on the scope of your network.

  • Keep software and firmware updated on all of your network devices. Avoid using hardware that is no longer supported with security updates from the manufacturer.

  • Monitor your network traffic. Understand your baseline so you can recognize anomalies as they occur.

  • Consider implementing cloud-based technologies as a way to outsource DDoS prevention.

Denial of Service attacks normally target business and larger companies, but individuals should also practice good security habits online. This includes using a firewall, keeping your software and OS updated, and not clicking suspicious links or opening strange emails. This will help prevent your system from unknowingly becoming part of a botnet, and will keep you safer online. Stay informed, and stay vigilant!