DDOS is an acronym that stands for Distributed Denial of Service. It is a type of computer attack that aims, as the name suggests, to cause the failure of the service recipient of the attack.
The attack is carried out, trying to saturate the available resources of the victim and usually involves the use of one or more computers (often thousands) to flood of requests the victim's server, exhausting all network or calculation resources. So users of the server are no longer able to access the service.
Many types of DDOS attacks exists, some easy to mitigate, others really more difficult. Basically they can be divided into two main groups: those based on Layer 3-4 communication and those based on the Layer 7.
Those based on Layer 3-4, are typically "volume" attacks and try to saturate the channel of access to the Internet or the ability of the equipment to handle a large number of connections.
Attacks based on Layer 7 instead exploit weaknesses in the application layer, trying directly to saturate the server CPU, flooding it with particularly costly requests in terms of computational resources.
Over time these attacks have grown in number and size, reaching lately also the 630Gbit.
Big Web sites or important computer services are almost always subjected to attacks, but now because of the ease with which it's possible carry out one, even small Web sites (especially e-commerce) and services are under threat, with serious economic damage. Moreover arise new types of attack more difficult to mitigate.
There is no universal method to defend against DDOS attacks. Typically for attacks very basic and very small entity, ie a few megabits, you can defend yourself using specific rules in the firewall and using some forethought in the development of the application.
Unfortunately, when the attacks are of greater magnitude, there are no economical solutions. They're necessary specific equipments that cost hundreds of thousands of dollars for the protection from these attacks. Furthermore, it's needed a network infrastructure capable of supporting the arrival of attacks large.
The great majority of providers do not have an adequate infrastructure to support the transition in the own network of these attacks and are in fact forced to remove the attack victim IP from their network, allowing the attacker to fully achieve its purpose, block the service. This provider reaction also prevents the customer to take its countermeasures.
Considering also the high cost of the equipment to protect against such attacks, it is inconvenient for the victim to invest in adequate protection systems.
That's why we developed our DDOS Protection service, to allow everyone to access at a reasonable price to a professional protection against this type of attack, without even having to change the own provider.
Find out how our protection works clicking the below button "How we Protect You".