What Is a DDOS Attack and How Does It Work



What is DDOS?

DDOS stands for Distributed Denial of Service. It is an attack from several sources that targets a server or a network in order to prevent the service it offers from being provided to the clients connected to that system.

How does that happen?

By overwhelming the attacked system with traffic, which prevents normal traffic from getting through for the intended clients and leads to a “service denial”.


How does it work?

The attacker first builds his army, in other words his network of machines, by sending harmful software to these machines. Once he has gained access to and control of this network, each of its devices is turned into a slave that we call a “bot”. The set of slaves in the network is called a “botnet”. The strength of a botnet is measured by the number of devices that make it up.

Now the attacker has full access to and control of his botnet and can direct it against any intended victim.

The army is ready and the war is on: the attacker sends remote instructions to the botnet machines individually, and each machine then starts to carry out the given instructions.

These instructions could be to send connection requests to the victim, or to send enormous amounts of random data to the victim. Either way, the flood of traffic will overwhelm the target and cause denial of the service provided by this network.

What are DDOS types?

● Application layer attack:

What is the application layer?

It is the seventh layer of the OSI model. Put simply, it is the network layer responsible for the interaction between the human user and the network service.

When you open a specific HTTP link, your application accesses the network to find that link, and an HTTP request is sent to the server to load the requested page. In an application layer attack, the bots send many HTTP requests to the target, which floods the server and causes denial of the service.

● Protocol attack:

This attack mainly works on layer 3 and layer 4 of the OSI model.

Layer 3 (Network layer) is the layer responsible for choosing the physical path that the data will take.

Layer 4 (Transport layer) is the layer responsible for transmitting data using transmission protocols.

This type of attack works by consuming all the capacity of the web servers, or of any intermediate software, by sending packet requests and never confirming the acknowledgement received from the target server. The network is overwhelmed with these pending acknowledgements, which causes a denial of the service.
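
The capacity exhaustion described above can be watched from the server side by tracking how many handshakes are waiting for their final acknowledgement. The following is an added example, not part of the original article: it replays constructed handshake events against a fixed-size backlog, and the function name, backlog size, timeout and alert ratio are assumptions chosen for illustration.

```python
from collections import namedtuple

# flag is what the server sees from the client: "SYN" (request) or "ACK" (final confirmation)
Event = namedtuple("Event", "t client flag")

def track_half_open(events, backlog=4, timeout=5.0, alert_ratio=0.75):
    """Replay handshake events against a fixed-size backlog of half-open connections.

    Returns completed handshakes, requests dropped because the backlog was full,
    the peak number of half-open entries, and the times an alert would fire.
    """
    pending = {}                       # client -> time its SYN was accepted
    completed, dropped, peak, alerts = [], [], 0, []
    for ev in sorted(events, key=lambda e: e.t):
        # Expire entries whose final ACK never arrived within the timeout.
        for client in [c for c, t0 in pending.items() if ev.t - t0 >= timeout]:
            del pending[client]
        if ev.flag == "SYN":
            if ev.client in pending:
                continue               # retransmitted SYN, slot already held
            if len(pending) >= backlog:
                dropped.append(ev.client)   # no free slot: this client is denied service
                continue
            pending[ev.client] = ev.t
        elif ev.flag == "ACK" and ev.client in pending:
            del pending[ev.client]     # handshake finished, slot released
            completed.append(ev.client)
        peak = max(peak, len(pending))
        if len(pending) >= alert_ratio * backlog:
            alerts.append(ev.t)        # backlog nearly full: raise an alert
    return {"completed": completed, "dropped": dropped, "peak": peak, "alerts": alerts}

# Constructed sample using documentation address ranges, not a real capture.
SAMPLE = [
    Event(0.0, "198.51.100.7:40001", "SYN"), Event(0.1, "198.51.100.7:40001", "ACK"),
    Event(1.0, "203.0.113.1:1111", "SYN"), Event(1.1, "203.0.113.2:2222", "SYN"),
    Event(1.2, "203.0.113.3:3333", "SYN"), Event(1.3, "203.0.113.4:4444", "SYN"),
    Event(2.0, "198.51.100.8:40002", "SYN"),   # legitimate client, backlog already full
    Event(7.0, "198.51.100.8:40002", "SYN"),   # retry after the stale entries expired
    Event(7.1, "198.51.100.8:40002", "ACK"),
]

if __name__ == "__main__":
    print(track_half_open(SAMPLE))
```

With the sample data, the four unconfirmed requests fill the backlog, the legitimate client at 2.0 s is dropped, and it only gets through once the stale entries time out.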

● Volumetric attack:

The goal of this attack type is to overwhelm the attacked network with a massive volume of data (recently reaching 1 tera) in order to hit the limit of the network bandwidth and cause service denial.

This data or these requests follow an amplification technique that goes through Internet DNS servers: the attacker sends requests to a DNS resolver using the IP address of the target victim, and the DNS server responds with an enormous, amplified set of data.

Attacks of this type now happen at extremely high rates.
The shocking thing about DDOS is that there are underground sales companies that sell botnets to attackers! So attacking a victim has now become easier. But let me introduce you to the good news: WorldPosta is here!
Using WorldPosta, a cloud-based email service provider, you can guarantee being fully protected against any DDOS attack.
WorldPosta's service infrastructure consists of servers distributed all over the world, which ensures the highest availability with none of the network congestion problems that are the main reason a DDOS attack succeeds.
In addition, the advanced built-in protection system can detect any bad behaviour, such as overwhelming the network with too many requests, that would lead to service denial.
Last but not least, WorldPosta's service level agreement (SLA) can maintain an availability level of up to 99.9%, which makes WorldPosta a reliable service that you can depend on.