Website Attacks

I know very little about Website attacks or DDoS or something else ?
I know one of way to do DDoS is to fill the server with request until it can no longer handle it and the server is down.
But have there been an attack like this ?

I have read that sending a message over the network is like passing a notes in a crowded room until it reach the intended address. I don't know how many times it bounces but it will probably bounces more than 3 times? can someone who receive this bounces not send it to another computer for a certain website domain or there have been a protection against this ? an encryption maybe ?
I mean if MITM ( Man in the Middle ) can be done why can't this be done ?

I am just curious and all the info I mention might just all my imagination ? LOL
I know one of way to do DDoS is to fill the server with request until it can no longer handle it and the server is down.
It's the only way. By definition.
Although the point of a DDoS is not to crash the server, but to slow it down so much that it can't reply to actual requests in a timely manner.

But have there been an attack like this ?
Yes.

can someone who receive this bounces not send it to another computer for a certain website domain or there have been a protection against this ? an encryption maybe ?
I mean if MITM ( Man in the Middle ) can be done why can't this be done ?
TCP traffic may be easily copied and/or replaced by an attacker router. Encryption and/or authentication is up to the application layer (TLS/SSL, mainly).
Some schemes, such as onion routing, make it impossible for a single router to see where a packet will go after it sends it out.
Last edited on
... can someone who receive this bounces not send it to another computer for a certain website domain or there have been a protection against this?


This is referred to as NAT and the internet as we know it could not exist without it. There is no "protection against it", there's nothing to protect against. It's a well defined and intended behavior.

I know one of way to do DDoS is to fill the server with request until it can no longer handle it and the server is down.

You're not wrong here but there is a little more finesse to it then what you are describing. Think of a server as if it were a fast food restaurant. The employees of this restaurant are friendly, accommodating and they have no idea of your malicious intent. In this analogy you are just one person and cannot possibly distract every employee and if you just scream nonsensical garbage at them, then they will ignore you and move on to the next customer. The goal of a DDoS then is to assign tasks to each employee that will occupy them so that they cannot help any other customers.
A better analogy would be, you walk into a restaurant yelling and causing a ruckus. The restaurant promptly throws you out and problem solved. So the next day, you come back with 3,000 people and repeat what you just did. Restaurant closes and is helpless until these 3,000 people leave or the riot police show up.

This is a fun analogy to the differences between a DoS and a DDoS. Granted, DoS attacks do still happen, they just have to be a lot more clever.
I dont know if get the point about stopping the bouncing the data to another computer

I am thinking about it this way...
We are in a crowded room filled with 500 people. 300 of them are maliscious and dont want a message from a specific 1 person to reach anyone
So everytime this specific person sent out a message or a message is addressed at that specific person, This 300 people who receive such message dispose of the message.
Sure some message might not reach the maliscious 300 people. But the connection is unreliable.
closed account (EwCjE3v7)
They still have to receive it
Last edited on
@ ResidentBiscuit: Nice clarification to that analogy. I should have said that I was talking about a DoS because, IMHO, a DDoS is just crass and beyond establishing C&C, it holds absolutely nothing of interest in it's design. "Ha ha, we soaked up all of your bandwidth and now you can't do anything". It's about as interesting to me as gum on a sidewalk.

@ OP: Unless you've gone back in time to the mid 90's and are stuck using a token ring topology then you really need to think about that scenario better. The only way those other 300 people would see that message in most modern networks is if it were sent as a broadcast. Even if that were the case then they are free to throw out their copy of that message, it won't have an impact on the intended recipient getting theirs. It's a royal PITA to start at cold and to learn on your own (EDIT: FWIW, I couldn't get my head around it until I studied this in school) but you would benefit from studying the OSI model and how it all works. Remember we can and will help you clear up any misunderstandings.
Last edited on
Topic archived. No new replies allowed.