What is Denial of Service?
Denial of service is an attempt to temporarily or indefinitely interrupt a service to its intended users.
This attack targets the availability of an IT system (Web Server). It is launched when the attacker is not able to harm the integrity and confidentiality of an IT system. It results in the unavailability of the services provided by the targeted server. Legitimate users can't reach the services by any means.
What is Distributed Denial of Service?
DDoS is a type of denial of service attack, commonly known as a DoS attack, in which multiple compromised systems, often infected with a Trojan, are used to target a single system, causing a Denial of Service (DoS).
Although a DoS attack doesn't lead to data theft or loss of that kind of information, it can make any person or company suffer. The loss can be of any type, whether time or money. Companies that run big businesses can't afford such a loss. Their businesses run 24/7, and DoS can give them a tough time.
DDoS attacks can also result in changes to the programming or files placed on the compromised system.
A Web Server is a machine which receives a client's request and, upon the request, executes the particular query. The Web Server is capable of handling multiple requests at a single time.
However, the Server can handle only a certain number of requests at the same time.
If a Web Server is able to respond to 1000 clients per second, then the Server is in a safe state. Here the threshold is equal to 1000 responses/second.
Take a scenario in which a Server receives 2000 client requests at a single time. This time the Server won't respond to the requests and will go into a sleeping phase.
The Server will not provide any services to its legitimate users, causing denial of service.
This is the point where the Server loses all its command and control over serving requests.
The Server is compromised by the attacker, which is why it acts like a zombie, incapable of serving any query requested by a single user or a group of users.
Compromised Systems or Botnets
Unlike a Denial of Service attack, in which one computer connected to the internet floods the targeted Server or its resources with a large number of packets, in this attack the attacker uses a huge number of compromised machines (computers) to target a specific Web Server or anything like that. The compromised machines then send a lot of request packets to the Server, causing a denial of service: the Server isn't able to entertain that many requests, goes into a waiting phase and stops responding. These compromised systems are also known as botnets (computer systems infected with malicious software that sends spam to the target places).
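The threshold idea above, turned into a detection check (an added example, not part of the original article): it counts requests per second in access-log lines and labels every second above the 1000/second threshold as single-source (DoS) or distributed (DDoS). The log format, the `classify` function and the 50% share cut-off are assumptions made for this example, and the sample lines are constructed.

```python
from collections import Counter, defaultdict

THRESHOLD = 1000  # requests/second the server can answer (figure used in the article)

def parse(line):
    """Split a constructed 'epoch_second source_ip path' log line (assumed format)."""
    ts, ip, _path = line.split()
    return int(ts), ip

def classify(lines, threshold=THRESHOLD, dominant_share=0.5):
    """Return {second: verdict} for each second whose request count exceeds threshold.

    'single-source' means one IP sent more than dominant_share of that second's
    requests (DoS pattern); otherwise the second is 'distributed' (DDoS pattern).
    """
    per_second = defaultdict(Counter)
    for line in lines:
        ts, ip = parse(line)
        per_second[ts][ip] += 1
    verdicts = {}
    for ts, sources in sorted(per_second.items()):
        total = sum(sources.values())
        if total <= threshold:
            continue  # within capacity: the "safe state"
        top_ip, top_count = sources.most_common(1)[0]
        if top_count / total > dominant_share:
            verdicts[ts] = ("single-source", total, top_ip)
        else:
            verdicts[ts] = ("distributed", total, len(sources))
    return verdicts

def sample_log():
    """Constructed sample: three seconds of traffic, not real data."""
    lines = []
    # second 100: normal load, 800 requests from 400 clients
    lines += [f"100 10.0.{i // 250}.{i % 250} /" for i in range(400)] * 2
    # second 101: 2000 requests, 1900 of them from one address
    lines += ["101 198.51.100.7 /"] * 1900
    lines += [f"101 10.1.0.{i} /" for i in range(100)]
    # second 102: 3000 requests spread over 1500 addresses
    lines += [f"102 10.2.{i // 250}.{i % 250} /" for i in range(1500)] * 2
    return lines

if __name__ == "__main__":
    for second, verdict in classify(sample_log()).items():
        print(second, verdict)
```

A single dominant address can be blocked or rate-limited directly; a distributed verdict means per-address limits alone will not bring the total back under the threshold.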
How are DDoS attacks performed on a Web Server?
So far, denial of service and distributed denial of service have been explained to understand what they are and how they work.
Now take a practical example of simulating a DDoS attack on a Web Server.
We will make use of an automated tool known as Low Orbit Ion Cannon, or LOIC for short.
In order to perform a successful attack, this application (LOIC) needs the domain name of the Server on which the DoS attack is to be performed.
Using this, it resolves the IP address of the target domain and prepares the attack.
Since the target Server is running on the Web, it requires port number 80.
The following are the methods through which the attack could be launched.
Since the attack focuses on the Web Server, which is running on port 80, it requires the HTTP protocol.
A thread is the basic unit of CPU utilization. The number of threads for the process is set to 10.
LOIC will run the HTTP flood as a multi-threaded process, with 10 threads in this instance.
The flooding starts when the IMMA CHARGIN MAH button is pressed.
In this way DDoS attacks are initiated. For example, on www.xyz.com, the attacker sends thousands of requests to the Server with the help of LOIC. If the Server's maximum threshold is 1000/second and the Server gets 3000 requests at a single time, the result would be denial of service.
When legitimate users access the Web Server, they won't get any kind of service. The following image is a result of a DDoS attack.
Multiple botnets could be used in this process, which is then known as a Distributed Denial of Service attack.