Types of DDos attacts and how to do it and how to protect website from DDos attack

Types of DDos attacts and how to do it and how to protect website from DDos attack 

Types of DDos attacts

 

            Distributed Denial of Service Attacks (DDoS) can shut down your websites and network. We list the different types of DDoS attacks and offer resources to stop DDoS attacks.

What is a DDoS attack?

          It’s when hackers are able to flood an IP address with hundreds or thousands of messages, often through the use of botnets or through a coordinated hacktivist effort, taking the network to the point where legitimate users aren’t able to get through – hence, the denial of service.

 

      

While DDoS offer a less complicated attack mode than other forms of cyberattacks, they are growing stronger and more sophisticated. There are three basic categories of attack:
  • volume-based attacks, which use high traffic to inundate the network bandwidth
  • protocol attacks, which focus on exploiting server resources
  • application attacks, which focus on web applications and are considered the most sophisticated and serious type of attacks
Different types of attacks fall into categories based on the traffic quantity and the vulnerabilities being targeted.

DDoS attacks Types

SYN Flood

SYN Flood exploits weaknesses in the TCP connection sequence, known as a three-way handshake. The host machine receives a synchronized (SYN) message to begin the “handshake.” The server acknowledges the message by sending an acknowledgement (ACK) flag to the initial host, which then closes the connection. In a SYN flood, however, spoofed messages are sent and the connection doesn’t close, shutting down service.

UDP Flood

The User Datagram Protocol (UDP) is a sessionless networking protocol. A UDP flood targets random ports on a computer or network with UDP packets. The host checks for the application listening at those ports, but no application is found.

HTTP Flood

HTTP Flood appears to be legitimate GET or POST requests that are exploited by a hacker. It uses less bandwidth than other types of attacks but it can force the server to use maximum resources.

Ping of Death

Ping of Death manipulates IP protocols by sending malicious pings to a system. This was a popular type of DDoS two decades ago, but is less effective today.

Smurf Attack

A Smurf Attack exploits Internet Protocol (IP) and Internet Control Message Protocol (ICMP) using a malware program called smurf. It spoofs an IP address and using ICMP, it pings IP addresses on a given network.

Fraggle Attack

A Fraggle Attack uses large amounts of UDP traffic to a router’s broadcast network. It’s similar to a smurf attack, using UDP rather than ICMP.

Slowloris

Slowloris allows attackers to use minimal resources during an attack and targets on the web server. Once it has connected with its desired target, Slowloris keeps that connection open for as long as possible with HTTP flooding. This type of attack has been used in some high-profile hacktivist DDoSing, including the 2009 Iranian presidential election. DDoS mitigation with this type of attack is very difficult.

Application Level Attacks

Application Level Attacks exploit vulnerabilities in applications. The goal of this type of attack is not to go after the entire server, but applications with known weaknesses.

NTP Amplification

NTP Amplification exploits Network Time Protocol (NTP) servers, a long-time network protocol used to synchronize computer clocks, in order to overwhelm UDP traffic. This is an amplified reflection attack. In any reflection attack, there is a response from the server to a spoofed IP address. An amplified version means the response from the server is disproportionate to the original request. Because of the high bandwidth used when DDoSed, this type of attack can be devastating and high volume.

Advanced Persistent DoS (APDoS)

Advanced Persistent DoS (APDoS) is an attack type used by hackers who want to cause serious damage. It uses a variety of the styles of attacks mentioned earlier (HTTP flooding, SYN flooding, etc.) and regularly targets multiple attack vectors that send out millions of requests per second. APDoS attacks can last for weeks, largely due to the ability of the hacker to switch tactics at any moment and to create diversions to elude security defenses.

Zero-day(0-day) DDoS Attacks

Zero-day DDoS attack is the name given to new DDoS attack methods that exploit vulnerabilities that have not yet been patched.for information of zero-day click here




  How to protect website from DDos attack 

 1st Choice

                   Use cloud service for manage website.Some are free(some 30 days free ) and some are paid.

2nd Choice
                   But it is free and not good choice, Disable all 16bits connotation 


How to do DDoS attack 

  1. In PC =Click Here
  2. In Android = Click Here

 

Comments

Post a Comment

Popular posts from this blog

How to trace someone ip and location?

How to trace someone ip and location?    This tutorial for education purpose only we don't responsible for any thing.Spying into someone's mobile without his/her permission is illegal.Please proceed in own risk. Our channel and blog intend to violate Community Guidelines.   Hi friends,                    I am giving information you about social engineering.All most hacking attacks are doing with this trick.Social engineering is one types of spamming. Means "Hathike dath kaneke or Dikane ke or".                   This time I would teach only trace someone public IP.You all know using IP we can trace all details like location,browser.API and etc.  Steps of finding someone IP     1.Go to  IP logger / Geabify IP logger /Blasze IP logger But I will give only IP logger`s example 2.Then Go to " Invisible Image " 3.Then click "Generat...
Read more

how to install metasploit kali linux

Hi, I have Kali Linux App from the App Store on Windows Subsystem for Linux and Windows 10 Host. I also have Kali Linux 2 on VMware but that's not the problem. I'm trying to install Metasploit on the Kali App. I've entered: sudo su apt-get -y install build-essential zlib1g zlib1g-dev libxml2 libxml2-dev libxslt-dev locate libreadline6-dev libcurl4-openssl-dev git-core libssl-dev libyaml-dev openssl autoconf libtool ncurses-dev bison curl wget postgresql postgresql-contrib libpq-dev libapr1 libaprutil1 libsvn1 libpcap-dev apt-get install git-core postgresql curl ruby1.9.3 nmap gem gem install wirble sqlite3 bundler cd /opt git clone https://github.com/rapid7/metasploit-framework.git   cd metasploit-framework bundle install ./msfconsole Everything worked fine and Metasploit starts up with no problems. Now I'm trying to setup the database. I enter: su postgres createuser msf -P -S -R -D createdb -O msf msf exit I get the error:...
Read more

twofi

twofi Package Description When attempting to crack passwords custom word lists are very useful additions to standard dictionaries. An interesting idea originally released on the “7 Habits of Highly Effective Hackers” blog was to use Twitter to help generate those lists based on searches for keywords related to the list that is being cracked. This idea has been expanded into twofi which will take multiple search terms and return a word list sorted by most common first. Source: https://digi.ninja/projects/twofi.php twofi Homepage | Kali twofi Repo Author: Robin Wood License: Creative Commons Attribution-Share Alike 2.0 Tools included in the twofi package twofi – Twitter words of interest root@kali:~# twofi -h twoif 2.0-beta Robin Wood (robin@digininja.org) (www.digininja.org) twoif - Twitter Words of Interest Usage: twoif [OPTIONS]     --help, -h: show help     --config <file>: config file, default is twofi.yml     --count...
Read more