Lecture 2 - DDOS Flashcards
What does DDOS stand for?
Distributed Denial Of Service Attack
What is DDOS?
A DDOS attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
This is done by an attacker infecting devices with malware so that they become bots and are used to make requests to the target in order to overwhelm it. The bot devices form a bot-army.
Why is separating DDOS traffic and normal traffic hard?
Because each bot is a legitimate Internet device, separating the attack traffic from normal traffic can be difficult.
How to defend against a DOS?
- Anticipate attacks and prepare enough resources to handle them (this includes high-volume events that are not specifically attacks)
- We can do things before the attack
- We can do things to filter and detect attacks
- We can do things during the attack (traceback and identification)
- We can do things after the attack (attack reaction, usually fixing vulnerabilities that let us down)
Can DOS attacks be prevented entirely?
No