Question

What is the difference between a denial-of-service attack and a distributed denial-of-service attacks? which is potentially more dangerous and devastating? why?

Answer 1

A denial-of-service (or DoS) attack is where one single computer continuously sends information to a particular IP address in an attempt to overload the network, and take it down. It is called denial-of-service, because you are literally preventing other legitimate users from accessing the server. DoS attacks are not as commonly done professionally today, due to modern technological advances where these servers are able to cope with lots of junk packets from one user, and will often times just block their IP address if the packets are sent too frequently.

A distributed denial-of-service attack is where an IP address is overloaded from multiple users at the same time, often general users like you and I. The way this is accomplished is through botnets, which are simple non-malicious programs that are retrieved through downloading things on the internet, often things like torrents, and they are hard to remove due to them being non malicious. A botnet simply routes internet traffic from the user's computer to the victim's IP address, and due to the nature of a botnet being able to spread to multiple computers very quickly via the internet, DDoS'ing is a much more potentially devastating attack, and loads of junk packets coming from tons of different users compared to one user in a DoS attack is much more likely to take down a server or a network. Additionally, the victim server is unable to distinguish the difference between an attacker and a legitimate user, as the packets are not sent too frequently from each user as to not get IP blocked, but the attack rather relies on the fact that there could sometimes be hundreds of thousands of users all at once, attacking a single IP address.