When I started my career as Network Engineer I was not much aware of the difference between DOS attack and DDOS attack. It is because in many sources these two terms used to refer the same/ similar type of attacks where both are using same techniques to shut down victim server. Later when I started learning network security, I realized the difference between DOS and DDOS. To learn more about DOS attack follow the link below.
What is Denial Of Service Attack
What is the Difference between DOS Attack and DDOS Attack
Difference between Denial of Service Attack (DOS) and Distributed Denial of Service Attack (DDOS) lies in the number of participants included in the attack. In DOS Attack one computer is participating but in DDOS attack multiple computers are participating in the attack. Both are using the same technique to down the victim like sending too much connection requests to the victim and let the victim crash. The concept of botnet lies with DDOS Attack. Each computer participates in the Distributed Denial of Service Attack is called botnet. A botnet can be either an infected computer or an active computer designed to participates the attack.
Both DOS and DDOS attacks are difficult to stop without hurting the functionality of the victim server. It is because unlike other hacking attempts, DDOS attacks do not utilize the source code vulnerability but over-using the resources of the server. In some recent studies, it is revealed that no one is using the traditional methods like sending too many packets (layer 3 attacks) to down the victim but they learned many advanced techniques to bypass the Firewall protection against Distributed Denial of Service Attack. Some advanced hacking groups possess the knowledge to attack a victim through various network layers using different vectors. They may first start with sending an unlimited number of ICMP messages and later turn to UDP, TCP, etc. It makes the attack more complex.
So in a nutshell Denial of Service Attack (DOS) uses one computer to attack a server where DDOS uses multiple computers to complete the mission.
What is Denial Of Service Attack
What is the Difference between DOS Attack and DDOS Attack
Difference between Denial of Service Attack (DOS) and Distributed Denial of Service Attack (DDOS) lies in the number of participants included in the attack. In DOS Attack one computer is participating but in DDOS attack multiple computers are participating in the attack. Both are using the same technique to down the victim like sending too much connection requests to the victim and let the victim crash. The concept of botnet lies with DDOS Attack. Each computer participates in the Distributed Denial of Service Attack is called botnet. A botnet can be either an infected computer or an active computer designed to participates the attack.
Both DOS and DDOS attacks are difficult to stop without hurting the functionality of the victim server. It is because unlike other hacking attempts, DDOS attacks do not utilize the source code vulnerability but over-using the resources of the server. In some recent studies, it is revealed that no one is using the traditional methods like sending too many packets (layer 3 attacks) to down the victim but they learned many advanced techniques to bypass the Firewall protection against Distributed Denial of Service Attack. Some advanced hacking groups possess the knowledge to attack a victim through various network layers using different vectors. They may first start with sending an unlimited number of ICMP messages and later turn to UDP, TCP, etc. It makes the attack more complex.
So in a nutshell Denial of Service Attack (DOS) uses one computer to attack a server where DDOS uses multiple computers to complete the mission.
Further Readings
1. What is TCP Split Handshake Attack
2. What is Smurf attack and How to prevent it
No comments:
Post a Comment