With the recent DDOS attack on a country that’s in the Korean Peninsula, I was wondering how this actually happens and how it takes down the entire internet infrastructure?
In: 3
A server has tens of thousands of ports that can be either open or closed.
An open port can be made available to listen to requests.
Websites typically listen on port 80 by default – and a ddos attack tends to just be a simple application that will flood port 80 of the address with repeated requests.
If it does this alone; then firewalls are capable of recognising that a large number of requests are coming from the same source and can then block that application.
It can also limit the number of requests coming from the same source to prevent simple ddos attacks like this.
Most big business has invested in infrastructures that have load balancing – and can shift server resources dynamically when the loads become significant – and this can prevent or reduce the impact of a ddos attack.
This is the simple version.
The reality is that ddos attacks are becoming more sophisticated (i.e. viruses that affect multiple PCs – that then go on to each spam the service; meaning there is no one source).
Ddos attacks happen every day. Most of them are easily combatted though.
Latest Answers