May 2, 2019 | Written by: Ryan Sumner
Categorized: Network | The New Builders
Share this post:
DDoS attacks explained
I’m excited to be bringing you guys a new lightboarding video that focuses on DDoS (distributed denial of service) attacks. In the video, I’m going to define the term, explain how a DDoS attack affects your application or user experience, and demonstrate how an attacker uses a botnet to create so much traffic that normal users are unable to get through the congestion.
I hope you enjoy the video, and stay tuned for more! If you have any questions or comments, drop a note in the comments on YouTube and we’ll make sure to answer.
- IBM Cloud Internet Services
- Learn – Networking: A Complete Guide
- Full playlist of all our lightboarding videos
What is a DDoS attack?
Hi, I’m Ryan Sumner, Chief Network Architect with IBM Cloud. Today, I’m gonna give you the basics of a DDoS attack.
Definition of a DDoS attack
A DDoS attack is an attempt by an attacker to create so much traffic or congestion to a target application or an internet application that it impedes the traffic flow for normal visitors.
Effects of a DDoS attack
So, what the normal visitors might see, or the owner of the application might see as a result of a DDoS attack being impeded upon them—they might see a drastic reduction in speed, they might see a complete outage, or they’ll see some unexplained consequences that they don’t normally see within their day-to-day operations.
How normal traffic flows
So, to demonstrate this a bit more, I’ll show you how normal traffic flows from users on the internet to the target server using its internet connection here.
So, we’ll have normal Internet users here.
We’ll have the clean traffic that comes through the internet and traverses through the connection from the internet to the target server. So, this traffic flows just perfectly fine, with no slowdown or there’s no constriction on that traffic flow.
How does an attacker create the attack?
So, how does an attacker create so much traffic that it causes an inability for this clean traffic to flow from the internet to the target server through its connection.
So does the attacker just have that many friends? Usually not. And he’s not gonna pick up the phone and say, “Jump on your computer, and now let’s all attack this target server.”
He’s done his homework, and he has access to a collection, or a network, of attacked or hacked or compromised computers across the internet. Sometimes these might be IoT devices, they might be people’s computers, they might be other servers on the internet. But, all of these attacked or compromised computers are at the control of the attacker and we call that network a “botnet.”
The reason it’s called a botnet is because now the attacker can remotely control this network of hacked computers almost like their robots. And the attacker can tell that botnet what to do, and exactly for how long, and exactly where he wants to do it.
So, the attacker, when they’re ready to start the attack, will call on all of these hacked computers—or robots—within the botnet and start to generate traffic from all of these systems over the internet.
Botnet creates congestion and impedes normal users
Now, what ends up happening is we create congestion through this pipe that’s coming from the internet to the target server. So, as this congestion is occurring—and this never stops, right?—they’ve created so much congestion across it.
And the amount of time that the botnet that is being executed continues to exceed and these internet users are continuing to attempt to come in. However, the pipe is so congested that they can no longer enter the roadway.
So, this is the basics of a DDoS attack.
So, if your application is slow, you’re experiencing downtime, or just other odd behavior you might be under a DDoS.
- We’ve Moved! The IBM Cloud Blog Has a New URL
- Use IBM Cloud Certificate Manager to Obtain Let’s Encrypt TLS Certificates for Your Public Domains
- Are You Ready for SAP S/4HANA Running on Cloud?
- Kubernetes Tutorials: 5 Ways to Get You Building Fast
- Using Portworx to Deploy and Manage an HA MySQL Cluster on IBM Cloud Kubernetes Service
Kubernetes Tutorials: 5 Ways to Get You Building Fast
Ready to start working with Kubernetes? Want to build your Kubernetes skills? The five tutorials in this post will teach you everything you need to know about how to manage your containerized apps with Kubernetes.
Video – What is a DDoS Attack?
Ryan Sumner, Chief Networking Architect, gives an overview of DDoS attacks and just how the attacker's botnet can affect the target application and its users.
What is Object Storage?
In our latest lightboarding video, Anirup Dutta explains how object storage works, lists some of the benefits, and give you some use cases for when object storage may be your best option.