DoS, DDoS,TDoS

  • Published: Tuesday, Nov. 23, 2021

Denial of Service (DoS). This term is transparent. You want service, it's denied. In technology, a denial of service is a form of cyber attack. These attacks are meant to shut down a device or entire network, making it unusable and inaccessible. 

There are different ways to launch a denial of service offensive. The end result is to flood the target with traffic and overload the resources so it is unable to handle all of the requests. Many times the system's firewall is overwhelmed and unable to respond. Some examples:

  • UDP flooding: Large amounts of packets using the UDP protocol are sent to the target. 
  • Buffer Overflow: A large volume of data is sent and is more than the memory buffer can handle. This can cause corruption in the web application. 
  • ICMP Flood: Spoofed packets ping every computer on the network, triggering the network to amplify the traffic and causing a bottleneck.
  • SYN Flood: This attack involves requesting a connection to the server but never completes the ack process. This flood will continue until all open ports are filled and no legitimate traffic can connect.

Distributed Denial of Service (DDoS)

These attacks will utilize multiple computers that have been compromised in order to distribute the attack sources. The compromised machines act as bots and the cluster is considered a botnet. A command and control center will orchestrate the attacks using this army of botnets. Many times vulnerable Internet of Things (IoT) devices are used in these types of attacks.

Telephony Denial of Service (TDoS)
Malicious inbound calls will flood a target, making the system unusable. Victims of this type of attack are usually government and high-profile companies and emergency services such as 911. This attack can be carried out by a single attacker or become a distributed occurence.

Follow security best practices and hardening of internal systems to assist with defending against these attacks. Ensure ports and services that are not needed are disabled or restricted. Assign trusted IP addresses to help prevent access and limit responses to attempted malicious sources.