Common Types of DDoS Attacks

A distributed denial of service (DDoS) attack is a subclass of denial of service (DoS) attacks. DDoS attacks involve multiple connected online devices, together known as a botnet, used to overwhelm a target website with fake traffic.

Unlike other types of cyberattacks, DDoS attacks do not attempt to breach your security perimeter. Instead, they aim to make your servers and website unavailable to legitimate users. DDoS attacks can also be used as a smokescreen for other kinds of malicious activities and to take down security appliances to breach the target's security perimeter. Successful DDoS attacks are highly noticeable events that impact an entire online user base. This makes it a popular weapon of choice for cyber vandals, extortionists, hacktivists, and others wanting to make a point.

DDoS Attack Types

DDoS attacks can last for weeks, days, and even months, making them highly destructive. In the worst cases, DDoS attacks can lead to loss of revenue, weaken consumer trust, cause long-term reputation damage, and force businesses to spend huge amounts in compensation.

Common DDoS attacks types

  • UDP Flood
    The User Datagram Protocol (UDP) is a sessionless networking protocol. In this type of attack, random ports are targeted on a network or computer with UDP packets.

  • SYN Flood
    SYN Flood is a DDoS attack that exploits weaknesses in the TCP connection sequence, known as a three-way handshake. A synchronized (SYN) message to begin the "handshake" is received by the host machine. The message gets acknowledged by the server that sends an acknowledgment (ACK) flag to the initial host, which then closes the connection. However, in a SYN flood, spoofed messages are sent and the connection does not close, shutting down service.

  • HTTP Flood
    HTTP Flood appears to be authorized GET or POST requests that are exploited by a hacker. This DDoS attack uses less bandwidth than other types of attacks, but it can force the server to use maximum resources.

  • Ping of Death
    Ping of Death is a type of DDoS attack capable of manipulating IP protocols by sending malicious pings to a system. This DDoS attack was popular decades ago, but is less effective today.

  • Smurf Attack
    A Smurf Attack is responsible for exploiting Internet Protocol (IP) and Internet Control Message Protocol (ICMP) using a malware program known as smurf. It spoofs an IP address and then uses ICMP to ping IP addresses on a given network.

  • Fraggle Attack
    This DDoS attack uses huge amounts of UDP traffic to a router's broadcast network. It is similar to a smurf attack, but uses UDP instead of ICMP.

  • Application-Level Attacks
    By exploiting vulnerabilities in applications, this DDoS attack types does not go after the entire server, but applications with known weaknesses.

  • Slowloris
    Slowloris targets the web server and uses minimal resources. After connecting with its desired target, Slowloris keeps that connection open for as long as possible with HTTP flooding.

  • Advanced Persistent DoS (APDoS)
    Advanced Persistent DoS (APDoS) is used by hackers who seek to cause serious damage. These attacks can last for weeks, usually because the hacker switches tactics quickly and creates diversions to evade security defenses.

  • NTP Amplification
    NTP Amplification is an amplified reflection attack that exploits Network Time Protocol (NTP) servers, a network protocol employed for synchronizing computer clocks, to overwhelm UDP traffic. It's "amplified" because the response from the server is disproportionate to the original request.

  • Zero-day DDoS Attacks
    Zero-day DDoS attack is the name given to new DDoS attack methods capable of exploiting vulnerabilities that have not yet been patched.

Comodo cWatch Will Help Protect You Against DDoS Attacks

Comodo cWatch incorporates a Web Application Firewall (WAF) provisioned over a Secure Content Delivery Network (CDN). It is a fully capable website security tool that comes with a Cyber Security Operation Center (CSOC) staffed with certified security analysts and powered by a Security Information and Event Management (SIEM) capable of leveraging data from more than 85 million endpoints in order detect and mitigate threats even before they occur.

As a DDoS prevention tool, cWatch offers you the following key features that deliver total security.

  • Malware Monitoring and Remediation
    Detects malware, provides the methods and tools to remove it, and prevents future malware attacks

  • Secure Content Delivery Network (CDN)
    A global system of distributed servers that will distribute the load of a DDoS attack, minimizing its effects.

  • Security Information and Event Management (SIEM)
    Enhanced intelligence leveraging current events and data from 85M+ endpoints and 100M+ domains so that you will have global visibility into the most recent DDoS attacks.

  • Web Application Firewall (WAF)
    Powerful, real-time edge protection for websites and web applications that provides advanced filtering, security and intrusion protection proving a blocking effect against DDoS attacks.

  • Cyber Security Operations Center (CSOC)
    A team of always-on certified cybersecurity professionals providing round-the-clock surveillance and remediation services to do all the work needed against the ever evolving threats.

  • PCI Scanning
    Enables service providers and merchants to stay compliant with PCI DSS

DDoS prevention tool also provides the following benefits:

  • Reduces Risks
    Detailed activity reports help you plan before a malware attack.
  • Saves Time and Effort
    Once cWatch is installed on your website, it will check and clean your website automatically.
  • Protects Your Reputation
    Preventing DDoS helps protect your brand and your revenue stream from both short- and long-term damage.

Related Resource

DDoS Mitigation

How to DDoS Someone on your Network

How does a DDoS Attack Work

Best DDoS Protection

What is DDoS

DDoS Tools

DDoS Protection

© 2023 Comodo Security Solutions, Inc