Los Dedos te atacan

--Originally published at Ce qui est chouette

This post will deal with DoS (Denial of Service) and DDoS (Distributed Denial of Service). Los Dedos te atacan comes from DDoS sounding like dedos (fingers in Spanish) when read from a Spanish perspective.

Hand by Hana Tichá on Flickr under a CC License.

DDoS and DoS attacks have the same goal: to render an online service—like an API, online gaming networks like Xbox Live or PlayStation Network, or your average webpage—unavailable for its legitimate users. This is usually done by flooding the victim’s server with requests or by performing a particular request that triggers some action that brings the server down. In the end, both attacks target the Availability part of the CIA Triad.

A traditional DoS attack consists of a single computer performing these requests, so you could imagine this type of attack would be easy to defend against. SPOILER ALERT: it is. Usually just a check for the same IP address making multiple requests in a short span of time does the trick. The real problem lies with DDoS, mainly because of the first D.

DDoS attacks are the steroid-pumped version of DoS attacks, as just mentioned, because of the Distributed part. A DDoS attack is based on the same idea, but instead of a single computer, the culprit of the attack is a network of computers of any type—hijacked personal computers, remote servers from all around the globe, or IoT things, like fridges or security cameras. The fact that this network can be distributed, in the geographical sense, means that identifying the attacking computers is harder and takes much more time.

Types of DoS

Now on to the details. These are the classes of DoS attacks:

TCP.

This type of attack attempts to block all the available connections to the infrastructure by using up all their TCP ports.

Volumetrics.

Consume all of the victim’s bandwidth with gigabyte-sized requests.

Fragmentation.

Flood the victim with fragments and overwhelm their server’s reassembly capability.

Application.

Exploit specific flaws in applications, like a backdoor of sorts.

– Your friendly fingerful neighborhood guy.
