DOS (Denial of Service) Attack: This attack takes place when original users are unable to access information from system, devices or from another network resources caused due to actions of a malicious threat actor. In this case of Denial of service attack typically uses a single computer and internet connection and flood the target system with fake requests and thus causing traffic and obstruction of service provided by the target system to intended users. These kinds of attacks have evolved technically now a days most of attacks taking place are DDOS Large Distributed Denial of Service (DDOS) they disrupt organizations website availability causing higher damages. Both DOS and DDOS purpose is same the only difference is DOS attack come from one source whereas DDOS attacks come from multiple locations.GITHUB Denial of Service Attack 2018: I would like to focus on most famous and Recent 2018 Major denial of service attack using Distributed system also considered as worlds biggest DDOS attack in the world. Code repository GitHub was under attack in 2018 and magnitude of attack varying from 1.3Tbps to 1. 7Tbps.
Luckily in this case there are no outages as service provider has taken enough precautions to mitigate the attack.The attacks use shoddily secured Memcached database servers to amplify attacks against a target. The assailant spoofs the UDP address of its victim and used ping a small data packet at a Memcached server that doesn’t have an authenticated traffic requirement in place.
The server responds by firing back as much as 50,000 times the data it got. With multiple data packets sent out per second, the Memcached server unwittingly amplified the deluge of data that can be sent against the target. Without proper filtering and network management, the heavy inflow of data could be enough to some of providers offline.Suggestions to Safeguard from such attacks:We can block off UDP traffic from Port 11211, which is the default avenue for traffic from Memcached servers. In addition, the operators of Memcached servers need to lock down their systems to avoid taking part in such denial of service attacks. Some other safety measures for website safety include Activating a Website Application Firewall, Country blocking if website is used only in particular countries ,Monitor Traffic to be aware of attacks ,Block Application Layer DDoS Attacks,Look for Other Attacks When a Website is Being Hit By a DDoS Attack sometimes these attacks are used as diversion by attackers.References:1) https://www.guru99.com/ultimate-guide-to-dos-attacks.html2) https://blogs.haltdos.com/2018/07/17/what-is-ddos-attack/3) https://sucuri.net/guides/what-is-a-ddos-attack4) https://www.theregister.co.uk/2018/03/05/worlds_biggest_ddos_attack_record_broken_after_just_five_days/5) https://sucuri.net/guides/what-is-a-ddos-attack