A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the regular functioning of a network, service, or website by overwhelming it with a flood of internet traffic.
Unlike a regular Denial of Service (DoS) attack, which is conducted from a single source, a DDoS attack involves multiple compromised computers and devices, forming a network of bots or “zombies.” These coordinated attacks can be much more powerful and challenging to mitigate.
Types of DDoS Attacks
There are three types of DDoS attacks affecting websites:
Type | Description |
---|---|
Volumetric Attacks | Flood the target with a high volume of traffic to consume available bandwidth. |
Protocol Attacks | Exploit vulnerabilities in network protocols, such as the Transmission Control Protocol (TCP) or Internet Control Message Protocol (ICMP). |
Application Layer Attacks | Target specific applications or services to exhaust server resources, often more challenging to mitigate because the traffic appears legitimate. |
DDoS attacks can have severe consequences, ranging from financial losses for businesses to disruption of critical online services. Organizations invest in DDoS protection measures to minimize the impact of such attacks and maintain the availability and reliability of their online services.
Mitigating DDoS Attacks
Mitigating Distributed Denial of Service (DDoS) attacks for websites involves implementing a combination of proactive measures and reactive strategies to minimize the impact of the attack.
Here are some example mitigating controls:
Type | Description |
---|---|
Content Delivery Network (CDN) | Use a CDN to distribute website content across multiple servers and locations. This helps distribute the incoming traffic and provides a level of protection by absorbing some of the attack traffic closer to its source. |
Web Application Firewall (WAF) | Deploy a Web Application Firewall to filter and monitor HTTP traffic between a web application and the Internet. WAFs can identify and block malicious traffic, including that generated by DDoS attacks. |
Traffic Rate Limiting | Implement rate limiting to restrict the number of requests a server will accept from a single IP address or a range of IP addresses. This can help mitigate the impact of volumetric DDoS attacks. |
Anycast DNS | Use Anycast DNS to distribute the DNS resolution process across multiple servers and locations. Anycast can help absorb DDoS traffic by spreading it across multiple servers. |
Load Balancers | Distribute incoming traffic across multiple servers using load balancers. This helps prevent a single server from becoming overwhelmed and ensures that legitimate traffic is directed to available resources. |
DDoS attacks can vary in their nature, so having a combination of these mitigation strategies provides a more robust defense against different types of attacks.
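To make the Traffic Rate Limiting row concrete, here is an added example (not NOC's code) of a token-bucket limiter that enforces one budget per source IP and a second budget per enclosing address range. The class name, rates, burst sizes and the /24 and /64 range sizes are assumptions chosen for illustration, and the sample traffic is constructed.

```python
import ipaddress

class RateLimiter:
    """Token buckets keyed by client IP and by its enclosing network range."""

    def __init__(self, ip_rate=5.0, ip_burst=10, net_rate=20.0, net_burst=40,
                 v4_prefix=24, v6_prefix=64):  # all values are illustrative
        self.limits = {"ip": (ip_rate, ip_burst), "net": (net_rate, net_burst)}
        self.prefix = {4: v4_prefix, 6: v6_prefix}
        self.buckets = {}  # key -> [tokens, last_update]

    def _keys(self, addr):
        ip = ipaddress.ip_address(addr)
        net = ipaddress.ip_network(f"{ip}/{self.prefix[ip.version]}", strict=False)
        return ("ip", str(ip)), ("net", str(net))

    def _refill(self, key, now):
        rate, burst = self.limits[key[0]]
        bucket = self.buckets.setdefault(key, [float(burst), now])
        bucket[0] = min(float(burst), bucket[0] + (now - bucket[1]) * rate)
        bucket[1] = now
        return bucket

    def allow(self, addr, now):
        """Accept only if both the per-IP and per-range buckets hold a token."""
        buckets = [self._refill(k, now) for k in self._keys(addr)]
        if any(b[0] < 1.0 for b in buckets):
            return False  # rejected requests spend nothing
        for b in buckets:
            b[0] -= 1.0
        return True

def replay(limiter, requests):
    """requests: (timestamp_seconds, source_ip) pairs; returns accepted count per IP."""
    accepted = {}
    for ts, ip in requests:
        accepted[ip] = accepted.get(ip, 0) + (1 if limiter.allow(ip, ts) else 0)
    return accepted

# Constructed sample (documentation address ranges): one noisy client, eight
# neighbours in the same /24, and one client from an unrelated range.
SAMPLE = ([(0.0, "203.0.113.7")] * 30
          + [(0.0, f"203.0.113.{h}") for h in range(10, 18) for _ in range(6)]
          + [(0.0, "198.51.100.20")] * 3)

if __name__ == "__main__":
    print(replay(RateLimiter(), SAMPLE))
```

The per-range budget also throttles legitimate clients that share a range with the flood source, and a production limiter would evict idle buckets so the table cannot grow without bound.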
Out of the box, NOC provides all these services via our CDN / WAF solution. We specialize in detecting and mitigating DDoS attacks, taking the load off your host, infrastructure and application.