TCP/IP Model Physical Layer
TCP/IP Model Internet Layer
TCP/IP Model Transport Layer
TCP/IP Model Application Layer
Protection: Proper Configurations
How do DDoS attacks work?
In a typical DDoS attack, the assailant exploits a vulnerability in one computer system, making it the DDoS master. The attack master system identifies other vulnerable systems and gains control of them by infecting them with malware or bypassing the authentication controls through methods like guessing the default password on a widely used system or device.
A computer or network device under the control of an intruder is known as a zombie, or bot. The attacker creates what is called a command-and-control server to command the network of bots, also called a botnet. The person in control of a botnet is referred to as the botmaster. That term has also been used to refer to the first system recruited into a botnet because it is used to control the spread and activity of other systems in the botnet.
Botnets can be composed of almost any number of bots; botnets with tens or hundreds of thousands of nodes have become increasingly common. There may not be an upper limit to their size. Once the botnet is assembled, the attacker can use the traffic generated by the compromised devices to flood the target domain and knock it offline.
The target of a DDoS attack is not always the sole victim because DDoS attacks involve and affect many devices. The devices used to route malicious traffic to the target may also suffer a degradation of service, even if they aren’t the main target.