Denial of service (DOS) and distributed denial of service (DDOS) attacks are tools used by hackers to distort online services. The consequences of these attacks can be wild and sometimes costing bigger companies millions of dollars. Denial of Service (DoS) attack is different from a DDoS attack.
DoS = Denial Of Service
DDoS = Distributed Denial Of Service
This means that one computer and one internet connection is used to flood a server with packets (TCP / UDP). The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources. This will make the server inaccessible to others, thereby blocking the website or whatever else is hosted there. Such attack tries to bring the network to its knees by flooding it with useless traffic.
Many DoS attacks, such as the “Ping of Death” and “Teardrop attacks”, take advantages of limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, hackers are inventing new DoS attacks.
In most respects it is similar to a DoS attack but the results are much, much different. Instead of one computer and one internet connection the DDoS attack uses many computers and many connections. The computers behind such an attack are often distributed around the whole world and will be part of what is known as a botnet.
Such attacks are launched from multiple computers. The machines involved could number hundreds of thousands or more. But, these machines aren’t all owned by the attacker, naturally. They are usually added to the hacker’s network by means of malware. This group of machines is also known as a botnet.
A DDOS attack is particularly frustrating to defend against, because it’s very difficult to distinguish legitimate traffic from attacker traffic. There are many different DDOS attacks, such as HTTP or SYN flooding. HTTP flooding is merely the practice of sending thousands upon thousands of requests to the server in an attempt to overwhelm it. The SYN flood fills the TCP network with unacknowledged packets of data. This can have dire consequences and can even impact users unrelated to the intended victim.
DoS and DDoS: What is the difference between the two?
While DoS and DDoS sound remarkably similar there are in fact differences between the two. We are trying to cover the differences between DoS and DDoS. Let’s see what are the differences:
- The main difference between a DoS and DDoS attack is that the target server will be overload by hundreds or even thousands of requests in the case of the former as opposed to just one attacker in the case of the latter. The DOS attack is usually launched from a single machine, as opposed to a DDOS attack which is launched from multiple machines.
- DDOS attacks are normally worse than DOS attacks. They are launched from multiple computers. The machines involved could number hundreds of thousands or more. Therefore it is much, much harder for a server to withstand a DDoS attack as opposed to the simpler DoS attack.
- DoS and DDoS attacks are conducted differently. DDoS attacks are executed through the use of botnets or networks of devices under the control of an attacker. In contrast, DoS attacks are generally launched through the use of a script or a DoS tool like Low Orbit Ion Cannon(LOIC).
- The other key difference is the volume of attack leveraged. DDoS attacks allow the attacker to send much more volumes of traffic to the victim’s network than DoS attacks’ volume of traffic.
- DOS attack can do temporary or permanent damage to a website. It can also slows down network performance. In contrast, the damage from a DDoS attack is much stronger.
Not all distributed attacks involve botnets; some attack tools leverage volunteers who work together by sharing their available computer resources to take part in a common goal. The hacker group “Anonymous” has used DoS and DDoS toolsfor this very purpose.