DDoS stands for Distributed Denial of Service. It's a method cybercriminals use to flood a network with so much malicious traffic that it cannot operate or communicate as it normally would. This causes the site's normal traffic, to come to a halt.
Generally, there are three types of DDoS attack methods:
- Volume Based Attacks. Includes UDP floods, ICMP floods, and other spoofed-packet floods.
- Protocol Attacks. Includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more.
- Application Layer Attacks.
Can DDoS attacks steal data and information?
DDoS attacks cannot steal website visitors information. The only purpose of a DDoS attack is to overload website and server resources. However, DDoS attacks can be used as a way of extortion and blackmailing. For example, website owners can be asked to pay a ransom for attackers to stop a DDoS attack.
How dos a DDoS attack work?
Once a botnet has been established, the attacker is able to direct an attack by sending remote instructions to each bot. When a victim’s server or network is targeted by the botnet, each bot sends requests to the target’s IP address, potentially causing the server or network to become overwhelmed, resulting in a denial-of-service to normal traffic.
Because each bot is a legitimate Internet device, separating the attack traffic from normal traffic can be difficult.
SchoolStatus sees specific schools being target by cybercriminals. A school is targeted and usually sustains multiple attacks and it's the duration that may begin to affect the overall performance of the server. When other customers notice a lag-time, it's probably the result of the attack on one school on the same server. Our servers scale to handle the load, but the longer the attack, the more difficult it is to scale.
How to mitigate a DDoS attack
Mitigating a multi-vector DDoS attack requires a variety of strategies in order to counter different trajectories. The more complex the attack, the more likely it is that the attack traffic will be difficult to separate from normal traffic. The goal of the attacker is to blend in as much as possible, making mitigation efforts as inefficient as possible.
Mitigation attempts that involve dropping or limiting traffic indiscriminately may throw good traffic out with the bad, and the attack may also modify and adapt to circumvent countermeasures. In order to overcome a complex attempt at disruption, a layered solution will give the greatest benefit.
- View this great article at Cloudflare (includes a video overview)
SchoolStatus uses a variety of methods to detect and mitigate DDoS attacks. No one is impervious to these attacks, but having the proper infrastructure, monitoring and mitigation tools set up to deal with them when they occur helps keep our sites running as smoothly as possible. You can always view our status monitor if you are wondering how our servers are doing.
Comments
0 comments
Article is closed for comments.