Hi, welcome to the Alibaba Cloud security training program. For this session, we shall cover the introduction to the DDoS attack. This is the objective of this training session. We should know what a DoS attack is. We should understand the theories of DoS attacks, know the root cause of DoS attacks, and finally, know what a DDoS attack is.
Before going into detail, it is necessary to give a brief definition of what a DoS attack is. DoS is an acronym for denial of service. A DoS attack is a simple, effective, and harmful cyber attack technique. The purpose of such an attack is to make the server or network unavailable to its legitimate users, destroying the availability of the CIA triad. Denial of service attacks are considered violations of the Internet Architecture Board's Internet proper use policy, and also violate the acceptable use policies of virtually all internet service providers. They also commonly constitute violations of the laws of individual nations.
Here are some typical symptoms of a denial of service attack: unusually slow network performance when opening files or accessing websites, unavailability of a particular website, inability to access any website, and a dramatic increase in the number of spam emails received.
For a better understanding of a DoS attack, we need to know the theories behind a DoS attack. One common method of a DoS attack involves flooding the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks easily lead to a server overload. In general terms, DoS attacks are implemented by either forcing the targeted computers to reset, or consuming their resources so that they can no longer provide their intended service, or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately, thereby blocking the website or whatever else is hosted there.
Here we can see from the picture, the attack is flooding the targeted machine with superfluous requests, in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. This will make the server inaccessible to others. Hence, the legitimate users cannot get connected to the server. A DoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.
System vulnerabilities or application bugs can be used by attackers to launch a DoS attack. For example, the attacker sends a malformed network packet, causing the system or application to be abnormal and unable to process legitimate users' requests. The root cause of a DoS attack is the security flaws of network protocols. A DoS attack is a normal, effective, and simple attack technique, and its attack approach is developing successively. And DDoS, the powerful threat, has occurred.
Then what is a DDoS attack? It is short for distributed denial of service. In most respects, it is similar to a DoS attack. If an attacker mounts an attack from a single host, it will be classified as a DoS attack. In fact, any attack against availability will be classified as a denial of service attack. On the other hand, if an attacker uses many systems to simultaneously launch attacks against a remote host, this would be classified as a DDoS attack. In most cases, what's really being referred to is a distributed DoS attack.
A distributed denial of service attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems, for example a botnet, flooding the target systems with traffic. A botnet is a network of zombie computers programmed to receive commands without the owner's knowledge. When a server is overloaded with connections, new connections can no longer be accepted.
The major advantages to an attacker of using a distributed denial of service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. The feature of such an attack is in large-scale collaboration, whereby the computers are distributed around the whole world, collaborating with each other.
These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. This, after all, will end up completely crashing a website for periods of time.
The most serious attacks are distributed. Criminal perpetrators of DDoS attacks often target sites or servers hosted on high-profile web servers, such as banks, credit card payment gateways, and even root name servers. Revenge, blackmail, and activism can motivate these attacks. This technique has now seen extensive use in certain games, used by server owners or disgruntled competitors on games.
During a DDoS attack, a botnet, or a logical collection of internet-connected computers whose security has been breached and control seized by the attacker, is created. A compromised computer, known as a bot, is created when it is penetrated by a bot command, for example, a malware distribution by the attacker. The controller of a botnet is able to direct the activities of these compromised computers through communication channels formed by standards-based network protocols, such as IRC and Hypertext Transfer Protocol, or HTTP. A botnet can be a group of hundreds, thousands, or even tens of thousands of zombie computers that are under the control of the attacker.
Since the incoming traffic flooding the victim originates from many different sources, this large-scale collaboration characteristic makes it impossible to stop the attack simply by using ingress filtering, and makes the victim server unavailable to its legitimate users.
This is all for this session. I hope from this video you have a much better understanding of the DoS attack. Thank you for joining the Alibaba Cloud training program. Goodbye.
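
The session's point that traffic from many different sources cannot be stopped by filtering on source, worked through on request logs as an added example that is not part of the original talk. The logs, addresses, threshold and function names are all constructed for illustration.

```python
from collections import Counter

def build_sample(flood_sources, flood_requests, legit_sources=20, legit_each=5):
    """Constructed request log: one source address per request (not real data)."""
    log = [f"192.0.2.{s + 1}" for s in range(legit_sources) for _ in range(legit_each)]
    for i in range(flood_requests):
        k = i % flood_sources                 # spread the flood evenly over its sources
        log.append(f"10.1.{k // 256}.{k % 256}")
    return log

def top_share(log):
    """Fraction of all requests sent by the single busiest source."""
    return Counter(log).most_common(1)[0][1] / len(log)

def remaining_after_block(log, n):
    """Fraction of requests still arriving after blocking the n busiest sources."""
    blocked = sum(count for _, count in Counter(log).most_common(n))
    return (len(log) - blocked) / len(log)

def classify(log, share_threshold=0.5):
    """Label a flood by traffic concentration (the 0.5 threshold is an assumption)."""
    if top_share(log) >= share_threshold:
        return "single-source DoS"
    return "distributed DDoS"

# Same flood volume (10,000 requests) on top of the same 100 legitimate requests.
DOS_LOG = build_sample(flood_sources=1, flood_requests=10_000)
DDOS_LOG = build_sample(flood_sources=2_000, flood_requests=10_000)

if __name__ == "__main__":
    for name, log, n in (("DoS", DOS_LOG, 1), ("DDoS", DDOS_LOG, 10)):
        print(f"{name}: {len(set(log))} sources, "
              f"busiest source sends {top_share(log):.2%} of requests, "
              f"{classify(log)}, "
              f"{remaining_after_block(log, n):.2%} of load left after blocking top {n}")
```

In the distributed sample every flooding source sends exactly as many requests as a legitimate client, so a per-source block list cannot separate them and removes almost none of the load.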