DoS and DDoS attacks: what is it and how to protect yourself?

A DoS or DDoS attack is usually aimed at websites or server-based online offers. The servers or other resources are overloaded in such a way that the offer can no longer be reached. So e.g. For example, access to websites can be blocked or the online function of a video game can be paralysed. DDoS attacks become a problem for your own computer when they are integrated into a botnet through remote takeover and used for some of the many page or service requests. This guide is about the individual terms and how to protect against the threats.

What is a DoS attack and what is the difference to DDoS attacks? What is the target of the attacks and how do you protect servers from them? The right answers to these and other questions can be found here.
What is a DoS attack and what is the difference to DDoS attacks? What is the target of the attacks and how do you protect servers from them? The right answers to these and other questions can be found here.

What is a DoS attack?

The abbreviation DoS stands for "Denial of Service". In a DoS attack, cybercriminals attempt to overload the resources of a computer, network, or service in such a way that it is no longer available to regular users. The ultimate goal is to disrupt the availability of a service for as long as possible or at a critical time, disrupting normal operations. DoS attacks can be carried out from a single system using specific apps or scripts.

What is a DDoS attack?

The main difference between DoS and DDoS attacks is the number of attacking computer systems. While in a DoS attack a single system tries to paralyze a service, in a "Distributed Denial-of-Service" (DDoS) a bot network of many infected computers is behind the attack. DDoS attacks are usually harder to stop because they are launched from many different sources at the same time. The exclusion of individual accesses, channels or IP addresses can only mitigate the attack, but not end it.

How does my computer become part of a bot network?

Privately used computers are abused for DDoS attacks by becoming part of a bot network. A botnet consists of a multitude of infected computers that can be remotely controlled by cybercriminals. You can send synchronized network requests in order to overload a server in a bundle. But how does that happen? How does my computer become part of a criminal network? Well, this can happen in different ways - through an active or passive download, as well as through various malware.

The malware can get onto the computer through a dubious download, an e-mail attachment or through unnoticed downloads (drive-by downloads) on infected websites. In addition to the actual software or the script, it can also be a Trojan Horse act that, in addition to openly visible content (an app or media content), brings hidden content for the subsequent attack. In addition, security gaps in the operating system or in an app can be exploited to gain access to the computer - that's called Feat.

Carrying out a DoS or DDoS attack

Criminals use various techniques to carry out a DoS or DDoS attack. A popular method is to overload the target server with a large number of requests that exhaust its resources. The server is flooded with requests, the CPU is overloaded and the main memory is also used excessively. Another method is to exploit vulnerabilities in the network or software to overload or crash the service. This does not require many requests, but rather a trigger to trigger a bug or similar errors.

Examples of known server attacks of this type

There were more recent DDoS attacks, for example, in February 2023 on German airports and in January 2023 on the Danish central bank. As part of the Russian war of aggression in Ukraine, Russia launched digital attacks on Ukrainian services, followed by hacking and DDoS attacks on Russian services organized around the world in response. The attack on the Internet service provider Dyn, which led to the failure of Reddit, Spotify, Airbnb, Twitter and Netflix in 2016, also dates back somewhat. There are other larger examples of DDoS attacks since 2008 at Wikipedia.

How companies can protect themselves against DoS and DDoS attacks

There are several protection options for companies, Internet service providers, hosting services, server operations for apps and games, website operators and anyone else who operates or books servers. Individually, these do not completely protect against DoS and DDoS attacks, but together they should be able to avert the worst. These are some proven tips:

  • Network monitoring: By constantly monitoring network traffic, suspicious activities can be detected at an early stage and countermeasures can be taken immediately. Automatic warning systems can be used to only have to intervene in an emergency.
  • Load balancing: By using load balancing technologies, the impact of attacks can be minimized as they distribute traffic across multiple servers or even multiple server locations.
  • Firewalls and Intrusion Prevention Systems (IPS): Deploying firewalls and IPS helps monitor network traffic, detect malicious activity, and block access from suspicious sources. Unlike mere warning systems, these tools can automatically intervene and initiate countermeasures.
  • Updated software and patches: Just like on home computers and smartphones, the operating systems, applications and network components on servers and connected computers should also be kept up to date. If the latest version is used and patches for security gaps are always installed with the release, then the entire system is kept secure.
  • Content Distribution Network (CDN): By using a CDN, the traffic from websites and services with high data volumes (video streaming, music downloads, large software packages, etc.) is distributed over several server networks at different nodes. Originally intended to offer fast downloads, these server structures can also contain the effects of DDoS attacks.

Protecting the private computer from being used in a bot network

Again, the generally valid tips apply here, which also help to protect against other malicious software: keep operating systems and apps up to date, install all updates and bug fixes, do not open attachments from strange e-mails, do not click on links from such e-mails, Software only from the App Store or from reputable sources (known app packages, developer websites, etc.) and not from download portals download, and also monitor network traffic. Among other things with Little Snitch you can see whether an unknown Internet communication is going out from your computer.

Conclusion on the topic

DoS and DDoS attacks pose a serious threat to companies and Internet service providers. Knowledge of the different attack methods and the implementation of suitable protective measures are crucial in order to minimize the effects of such attacks. Private users do not have to be afraid of too many network requests to their computers. However, infecting your computer with the appropriate malware can cause it to send remote requests as part of a botnet, thereby becoming part of an attack. You can also protect yourself from this.

My tips & tricks about technology & Apple

Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership would support.

Post a comment

Your e-mail address will not be published. Required fields are marked with * marked

In the Sir Apfelot Blog you will find advice, instructions and reviews on Apple products such as the iPhone, iPad, Apple Watch, AirPods, iMac, Mac Pro, Mac Mini and Mac Studio.