0

First of all, I'd like to know what exactly a DDoS attack is- my understanding is that it's a collection of infected or "zombie" computers, all controlled by a central computer, with the intent of overloading the website, and making it inaccessible and / or slowing the service down to 90's dial up levels (a.k.a. unusable).

How can one prevent it? I understand that those annoying CAPTCHAs are used, but is there actually a way to prevent one manually?

How well do third-party security services, such as cloudflare or fire eye, work? Are there ways to beat them?

What are the repercussions of a DDoS attack? If a website is DDoS'd, are passwords / credit card / bank data stored in the database compromised? Are certain pieces of encrypted data now at risk of exposure?

Thanks, everyone!

racec0ndition
  • 581
  • 4
  • 10
in_love_with_the_coco
  • 11
  • 1
  • possible duplicate of [How do major sites prevent DDoS?](http://security.stackexchange.com/questions/73369/how-do-major-sites-prevent-ddos) – tlng05 Mar 03 '15 at 17:48
  • 1
    CAPTCHAs are normally used to prevent automated spambots, not to prevent DDoS. – tlng05 Mar 03 '15 at 17:49
  • 2
    You're asking quite a few questions here. I'm concerned that this may be too broad, but each of your individual questions (how to prevent DDoS? / how (well) do CDNs mitigate DDoS and how might they fail? / what is the scope of harm from a DDoS?) seems fine. I'd suggest limiting it to one question and asking the others separately. – apsillers Mar 03 '15 at 17:51
  • 1
    For prevention: [DDoS - Impossible to stop?](http://security.stackexchange.com/q/33811/13146) and [What techniques do advanced firewalls use to protect against DoS/DDoS?](http://security.stackexchange.com/q/114/13146) Also: [How does CAPTCHA mitigate DDoS attacks?](http://security.stackexchange.com/q/22906/13146) – apsillers Mar 03 '15 at 17:54
  • 2
    Have you done any research on these questions? These are pretty easily answered with a couple search queries. – schroeder Mar 03 '15 at 17:56
  • related: http://security.stackexchange.com/q/81258/66382 – Mints97 Mar 03 '15 at 18:25

1 Answers1

2

All a denial of service attack (of which a DDoS is a specific type) does is deny legitimate users access to the site. Anything further is a separate attack. Any repercussions are just those arising from the site no longer being accessible to legitimate users for a time (availability being one of the three pillars of security, which is why this is a security issue even though there is no data breach and no malicious users get control of the site).

cpast
  • 7,223
  • 1
  • 29
  • 35