A Distributed Denial-of-Service (DDoS) attack is an attempt to take an online service offline and make it unavailable to users by overloading infrastructure at the network level (L2-L4) or the application level (L7).
There are several main types of DDoS attack methods:
- Protocol attacks. Examples include ICMP, Smurf, etc. The main idea is to make an online service slow or unavailable with a huge number of malformed or invalid packets.
- Volume attacks. These include DNS amplification, NTP amplification, and other UDP floods. The main goal is to saturate the bandwidth. Because of that, a DDoS attack on one website can sometimes affect the whole datacenter.
- Application layer attacks. These include low-and-slow attacks, floods of GET/POST requests, heavy DB requests, etc. The main idea is to use application vulnerabilities, and even legitimate features in a malicious way, to make the application unavailable.
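
As an added example (not from the original page), the sketch below detects the two application-layer patterns named in the last item, GET/POST floods and low-and-slow requests, over constructed request records. The record layout, thresholds and function names are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

# Assumed thresholds; tune against your own baseline traffic.
FLOOD_WINDOW_S = 10        # sliding window for the per-client request rate
FLOOD_MAX_REQS = 20        # more requests than this per window = flood
SLOW_MIN_DURATION_S = 30   # request held open at least this long...
SLOW_MAX_BYTES_PER_S = 50  # ...while transferring less than this rate
SLOW_MIN_REQS = 3          # one slow request is a bad link; several is a pattern

def classify_clients(records):
    """records: iterable of (start_ts, ip, method, path, duration_s, body_bytes).
    Returns {ip: set of labels} for clients matching either pattern."""
    findings = defaultdict(set)
    windows = defaultdict(deque)   # recent request timestamps per client
    slow_counts = defaultdict(int)
    for ts, ip, method, path, duration, nbytes in sorted(records):
        win = windows[ip]
        win.append(ts)
        while win and ts - win[0] > FLOOD_WINDOW_S:
            win.popleft()          # drop timestamps that left the window
        if len(win) > FLOOD_MAX_REQS:
            findings[ip].add("request-flood")
        # Long-lived request with a trickle of data: ties up a worker cheaply.
        if duration >= SLOW_MIN_DURATION_S and nbytes / duration < SLOW_MAX_BYTES_PER_S:
            slow_counts[ip] += 1
            if slow_counts[ip] >= SLOW_MIN_REQS:
                findings[ip].add("low-and-slow")
    return dict(findings)

def sample_records():
    """Constructed records using documentation IP ranges, not real traffic."""
    recs = []
    # 40 GETs within 4 seconds from one client
    recs += [(1000 + i * 0.1, "198.51.100.7", "GET", "/search?q=a", 0.2, 0) for i in range(40)]
    # 5 POSTs, each held open 120 s while sending only 600 bytes
    recs += [(1000 + i, "203.0.113.9", "POST", "/login", 120.0, 600) for i in range(5)]
    # Ordinary user: a few page loads and one large, legitimately long upload
    recs += [(1000 + i * 7, "192.0.2.10", "GET", "/", 0.1, 0) for i in range(4)]
    recs.append((1030, "192.0.2.10", "POST", "/upload", 60.0, 5_000_000))
    return recs

if __name__ == "__main__":
    for ip, labels in sorted(classify_clients(sample_records()).items()):
        print(ip, sorted(labels))
```

The long upload from the ordinary client is not flagged because its transfer rate is high; duration alone is not a reliable low-and-slow signal.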