Introduction
In this post, you will learn the difference between DoS and DDoS attacks. I have already written a post on the red and blue teams; to read it, [click here].
What is a DoS Attack?
DoS stands for denial of service, and it is a type of cyberattack. The primary goal of a DoS attack is to shut down the flow of internet traffic in an organisation, which means making the network inaccessible to its users.
A DoS attack can accomplish this by flooding the network with traffic or by sending malicious code that can crash the network.
A DoS (denial of service) attack is carried out by a single computer, and that's why it is called simply denial of service. If clusters of computers are involved in crashing a network, it is called DDoS.
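The single-source versus many-source distinction above is also the first thing a defender checks when a flood shows up in the logs. The Python sketch below is an added example, not code from the original post: it classifies each time window of an access log as normal, suspected DoS or suspected DDoS. The log format, thresholds, function names and sample IP addresses are all constructed assumptions.

```python
from collections import Counter

# Assumed thresholds (illustrative only; tune them per service).
FLOOD_REQUESTS_PER_WINDOW = 100   # requests in one window that count as a flood
SINGLE_SOURCE_SHARE = 0.80        # one IP sending >= 80% of the traffic => DoS

def parse_line(line):
    """Parse a constructed 'epoch_seconds source_ip path' log line."""
    ts, ip, _path = line.split(maxsplit=2)
    return int(ts), ip

def classify_windows(lines, window=10):
    """Return {window_start: verdict} for each `window`-second bucket."""
    buckets = {}
    for line in lines:
        if not line.strip():
            continue
        ts, ip = parse_line(line)
        buckets.setdefault(ts - ts % window, Counter())[ip] += 1
    verdicts = {}
    for start, counts in sorted(buckets.items()):
        total = sum(counts.values())
        if total < FLOOD_REQUESTS_PER_WINDOW:
            verdicts[start] = "normal"
            continue
        top_ip, top_hits = counts.most_common(1)[0]
        if top_hits / total >= SINGLE_SOURCE_SHARE:
            # One machine dominates the flood: the DoS case.
            verdicts[start] = f"dos-suspected source={top_ip}"
        else:
            # The flood is spread over many machines: the DDoS case.
            verdicts[start] = f"ddos-suspected sources={len(counts)}"
    return verdicts

def sample_log():
    """Constructed sample: quiet window, single-source flood, distributed flood."""
    lines = [f"{1000 + i} 198.51.100.{i + 1} /index.html" for i in range(5)]
    lines += [f"{1010 + i % 10} 203.0.113.7 /login" for i in range(150)]
    lines += [f"{1020 + i % 10} 192.0.2.{i % 200 + 1} /login" for i in range(300)]
    return lines

if __name__ == "__main__":
    for start, verdict in classify_windows(sample_log()).items():
        print(start, verdict)
```

A single-source verdict can usually be handled by blocking or rate-limiting one address, while a distributed verdict needs upstream filtering, since no per-IP rule covers hundreds of sources.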
How exactly a DoS attack works – DoS & DDoS
There are two ways a DoS attack can work:
- Flooding service
- Crashing service
Crashing service is a passive attack. But the primary attack in DoS is sending more traffic than the domain can handle, until at some point the domain crashes and goes offline.
DoS attacks are separated into two types:
- Buffer overflow attack
- Flood attack
What is DDoS?
DDoS stands for "distributed denial of service", and it is a type of cyberattack. The primary goal of a DDoS attack is to take down the network infrastructure or crash the server. The attack takes place by sending unwanted traffic to the network, which keeps the real traffic from getting through. The interesting fact about DDoS attacks is that cybercriminals most probably use IoT (Internet of Things) devices in distributed denial of service attacks.
I have already written a post on IoT devices and how they are involved in DDoS.
Take a look at the image below for a better understanding.
How exactly a DDoS attack works – DoS & DDoS
The most important thing for cybercriminals conducting a distributed denial-of-service attack is the number of bots they have compromised. The bots together form a botnet, and then the criminal is ready to perform an attack. But first, let's see how he or she compromised so many devices. In my view, cybercriminals most probably don't compromise active devices such as laptops, computers and phones. Instead, criminals compromise IoT (Internet of Things) devices.
Cybercriminals compromise IoT devices because most IoT devices use a default password. Even a Wi-Fi-enabled light can be involved in a DDoS attack.
Now the hacker has compromised the devices and has a set of traffic, and the criminal will then be searching for vulnerabilities in the traffic. Even if no vulnerability is found, he or she can still perform a DDoS attack, but servers and sites have some advanced scanning tools, so if a vulnerability is found it will be easier to take over the network infrastructure.
There are three kinds of DDoS attacks:
- Application layer attack
- Protocol attack
- Volumetric attack