Hi, I'm Ryan Sumner. I'm a Chief Network Architect with IBM Cloud. Today, I'm gonna give you the basics of a DDoS attack. A DDoS Attack is an attempt by an attacker to create so much traffic or congestion to a target application, or an internet application, that It impedes the traffic flow of normal visitors. So, what normal visitors might see, or the owner of the application might see, as a result of a DDoS attack being impeded upon them, is they might see a drastic reduction in speed, they might see a complete outage, or they'll see some unexplained consequences that they don't normally see within their day-to-day operations. So, to demonstrate this a bit more, I'll show to you how normal traffic flows from users on the internet to the target server using its internet connection here. So, we'll have normal Internet users here. We'll have the clean traffic that comes through the internet and traverses through the connection from the internet to the target server. So, this traffic flows just perfectly fine with no slowdown or - there's no constriction on that traffic flow. So, how does an attacker create so much traffic that it causes an inability for this clean traffic to flow from the internet to the target server through its connection. So does the attacker just have that many friends? Usually not. And he's not going to pick up the phone and say, "Jump on your computer, now let's all attack this target server!" He's done his homework. And he has access to a collection, or a network of attacked, or hacked, or compromised computers across the internet. Sometimes these might be IoT devices, they might be people's computers, they might be other servers on the internet. But all of these attacked or compromised computers are at the control of the attacker and we call that network a "botnet." The reason it's called a botnet is because now the attacker can remotely control this network of hacked computers almost like they're robots. And the attacker can tell that botnet what to do, and exactly for how long, and exactly where he wants to do it. So, the attacker when they're ready to start the attack, will call on all of these hacked computers, or robots within the botnet, and start to generate traffic from all of these systems over the internet. Now, what ends up happening is we create congestion through this pipe that's coming from the internet to the target server. So, as this congestion is occurring, and this never stops, they've created so much congestion across it. And the amount of time that the botnet that is being executed continues to exceed, and these internet users are continuing to attempt to come in. However, the pipe is so congested that they can no longer enter the roadway. So, this is the basics of a DDoS Attack. So, if your application is slow, you're experiencing downtime, or just other odd behavior you might be under a DDoS. Check below for more information. Leave us some comments, ask some questions, and if you like this content please subscribe and "like".
