Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks concentrate on rendering any resource (i.e., site, server, or application) inaccessible for whichever function it was created for. There are numerous means for making services inaccessible to their legitimate customers, including manipulation of network packets, resource handling, programming, or logical vulnerabilities. When services receive several requests, they may become unavailable for legitimate customers. Likewise, services can also stop due to exploitation of programming vulnerability, or how the service manages the resources it utilizes. The attacker may, at times, inject and effect arbitrary code when carrying out DoS attacks for accessing key data or executing server commands. DoS attacks considerably damage the service quality, negatively affecting legitimate customers experience. They give rise to significant delays in response, service disruptions, and huge losses, thereby directly affecting the availability of service (OWASP, 2015). This form of cyber-attack attempts to make a certain target service inaccessible for audiences. As DoS vulnerabilities for applications are fairly uncommon and mostly get fixed fairly quickly, a majority of DoS attacks are performed by exploiting the weak spots of network protocols. Prevention

An efficient prevention plan for DoS attacks begins with network layout and culminates in application code, via an exclusive ACL or...

High-capacity devices for DoS mitigation are essentially firewalls having roughly 30 Gigabit per second capacity; each of these is designed expressly for discovering and filtering DoS traffic. This kind of arrangement makes each of the servers hosted within the network resistant to denial-of-service attacks, as they are filtered out prior to being able to reach the application or servers (Oesterling, 2015).
Distributed Denial-of-Service Attacks (DDoS)

DDoS attacks commence from a multiple-source network (typically several thousands of sources). To put it plainly, DDoS attacks are DoS attacks arising from multiple distributed attack IP addresses or sources. Such an attack-source network is referred to as a botnet -- an infected server or computer network under a hacker's control. Hackers are able to control all infected devices from Command & Control servers (C&Cs or CnCs), making them, for instance, dispatch HTTP GET requests to targets simultaneously; this is a type of application layer distributed denial-of-service attack (Oesterling, 2015).

Prevention

Honeypots

Honeypots are basically of two kinds: high- and low- interaction. Low interaction ones imply emulating operating systems and services. Their implementation is safe and convenient. Attackers will not be able to communicate with the key…