DoS, DDoS or even DRDoS – In a DoS attack, a service is so overloaded with requests that it can no longer process the regular requests of other users.
A denial of service attack can be compared to a road with so many cars on the way to a destination that it is impossible for traffic to flow.
A Distributed Denial of Service attack (DDoS) is an attack that is carried out by several devices on a target. These are mostly devices infected by the attacker, which are controlled as so-called bots via a command & control server.
Think of the internet as a series of pipes. A DDoS attack causes these pipes to become blocked.
In a (Distributed) Reflected Denial of Service attack (DRDoS), the behavior of the UDP protocol is exploited: an attacker sends requests to other network services – such as DNS or NTP – using the IP address of his victim as the sender address, whereupon these services direct their answers to the victim and make it inaccessible to others.
A reflected denial of service attack can be compared to someone who places orders on your behalf with delivery services, taxis and couriers, and they all queue up at your door with the same statement: “We got an order with your name and your address”.
Meanwhile, your friends are standing on the doorstep and can no longer get in.
Other types of DoS attacks:
In a teardrop attack, an attacker overwhelms his victim with fragmented IP packets. If IP packets get too big, they are split into smaller packets and reassembled at the destination. The “Fragment Offset” field is essential for this: it indicates where in the complete data packet this sub-packet belongs, so that the packet can be put back together correctly. If this field is manipulated, the victim can no longer put the packets together correctly, and if the attempt is continued the victim ends up in a denial of service state. This primarily affects older operating systems such as Windows 95, NT and devices with a Linux kernel of version 2.1.63 and older.
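The consistency check a receiver or intrusion detection system can run on the fragments of one datagram before reassembling them, as an added example that is not code from the original page. The `Fragment` class, `check_fragments` and the sample values are constructed for illustration; offsets are counted in 8-byte units, as in the IPv4 header.

```python
from dataclasses import dataclass

MAX_DATAGRAM = 65535  # largest possible IPv4 datagram in bytes


@dataclass(frozen=True)
class Fragment:
    offset_units: int     # "Fragment Offset" field, counted in 8-byte units
    payload_len: int      # payload bytes carried by this fragment
    more_fragments: bool  # MF flag; False only on the last fragment


def check_fragments(frags):
    """Return the inconsistencies in one datagram's fragments (empty list = clean)."""
    problems, spans, total = [], [], None
    for f in frags:
        start = f.offset_units * 8
        end = start + f.payload_len
        if f.more_fragments and f.payload_len % 8:
            problems.append(f"non-final fragment at {start}: length not a multiple of 8")
        if end > MAX_DATAGRAM:
            problems.append(f"fragment at {start}: ends past {MAX_DATAGRAM} bytes")
        if not f.more_fragments:
            if total is not None and total != end:
                problems.append("conflicting final fragments")
            total = end
        spans.append((start, end))
    covered = 0  # highest byte position accounted for so far
    for start, end in sorted(spans):
        if start < covered:
            problems.append(f"overlap: bytes {start}-{min(end, covered) - 1} sent twice")
        elif start > covered:
            problems.append(f"gap: bytes {covered}-{start - 1} missing")
        covered = max(covered, end)
    if total is None:
        problems.append("final fragment missing")
    elif covered > total:
        problems.append("data beyond the final fragment")
    return problems


# Constructed sample data: a 3000-byte payload split for a 1500-byte MTU.
CLEAN = [Fragment(0, 1480, True), Fragment(185, 1480, True), Fragment(370, 40, False)]
# Constructed sample data: the second fragment's offset points inside the first.
MANIPULATED = [Fragment(0, 1480, True), Fragment(100, 40, False)]

if __name__ == "__main__":
    for name, frags in (("clean", CLEAN), ("manipulated", MANIPULATED)):
        print(name, check_fragments(frags) or "consistent")
```

A fragment set that returns any problem should be dropped rather than passed to reassembly.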
The creation of a feedback loop is called a banana attack. To do this, the attacker must have compromised the outgoing router. The router under the attacker's control sends the frames it receives back to the victim and uses those frames to generate incoming frames in which it writes the address of the victim. The victim is flooded with his own messages and copies of them until he collapses under the load.
In smurf attacks, the attacker sends ICMP packets to all devices in the network directly or via the broadcast address, with the sender entered as the victim. As a result, the victim receives all the answers and is meant to collapse under the load.
Permanent Denial of Service, or PDoS for short, is an attack that aims to damage an attacked system so severely that it is necessary to reinstall the system or replace system components.
This is achieved, for example, by exploiting a security gap that allows an attacker to replace the firmware of a device with a manipulated or defective version, which means that the device can no longer perform its actual function until it has been repaired or replaced.
The attackers’ motives are mostly economic. Companies use these attackers to damage competitors. As a result of the DoS attacks, many websites are no longer accessible, which means that the affected companies suffer a loss of sales and/or reputational damage.