DDoS Attacks are widespread threats on the internet. With the continually increasing numbers of connected devices and new innovative ways of hacking them, we can’t just stay and wait to get affected. We should smartly implement our DNS infrastructure and choose a trusted DNS provider to be safe and to evade the downtime of our services.
But to be protected, we must know the danger.
DDoS attack
DDoS attack (denial-of-service attack). There are few different types, but in general, a DDoS attack is an attempt to overwhelm the target (a computer, few connected computers or a whole DNS network) with high traffic from multiple sources.
Common types of DDoS attack
Smurf Attack
This attack is performed over the ping tool (ICMP echo request). The ping tool is used to check the reachability of connected devices. When you send a ping request to the destination address, you should receive a confirmation. It this DDoS attack, the ping is sent to a device but from a masked IP. The return confirmation doesn’t go to the original source, but it is redirected to the target of the attack. All the infected devices will do the same, and they will send the traffic to the victim.
Teardrop Attack
This action involves sending packets of data to the victim. The packets are fragmented, and the target can’t make sense of them because of a bug in the TCP/IP fragmentation reassembly, this makes the victim crash.
Ping Of Death
It also uses the ping tool for bad. It takes advantage of the TCP/IP fragmentation and sends IP packets with a size bigger than 65,536 bytes, the maximum possible of IP protocol. The victim device, don’t know how to react to those packets and crashes, freezes or reboots.
Preparing a DDoS attack
To launch a DDoS attack, first, the criminals need to “recruit” enough connected devices that later will generate the traffic. To do so, they infect those machines with different malicious software (from emails, visiting unprotected sites and more) and create so-called botnets – hijacked devices ready to be used when it is time for the attack. There are even markets for botnets, where you can buy an attack on a website of your choice.
How to prevent a DDoS attack and stay safe?
The cyber-criminals can make a vast network of botnets, but it doesn’t mean you can’t be protected.
All plans provide unlimited Layer 3-7 DDoS Protection. Whichever you pick from them, you will be able to use 4 DDoS protected DNS servers, 21 Anycast locations and unlimited DNS records and DNS queries.
Or you can use our Secondary DNS as a backup DNS, so you always have a backup copy of your DNS records.
It adds resilience, reduce the outage periods by answering requests even if the Master is down.
Conclusion
The more extensive your DNS network is, the better. The massive traffic from the attackers can be distributed between your servers in the different locations, and it will ease the load.
Alert: For Control Panel Help & Tutorials, click here: Panel Tutorials