The difference between DOS and DDOS attack

There are many vulnerabilities that appear in websites that are most likely to be used to disrupt someone’s online services. DoS and DDoS are common attacks that make site owners suffer a lot. To protect websites and online businesses from these attackers, we need to know several types of attacks, including DOS and DDOS, but do you know the difference between dos and ddos ​​attacks?

Read also: What is SQL injection: how it works, examples and types

DoS attack

A DoS attack is a denial of service attack that attempts to make a server or network resource unavailable to its users and visitors. To be more precise, this attack uses a computer and an Internet connection to send massive requests to the server at some point, temporarily interrupting or suspending or unlimitedly hosting Internet-connected host services. If a web host’s server is under serious DoS attack, all websites hosted on that server will most likely be inaccessible.

DoS attacks are quite complex and not easy to detect, they can even occur by exploiting application vulnerabilities. The targets of this type of attack can be computers, target system ports, network connections, and even some resources, such as disk space and bandwidth.

In addition, attackers can use this attack to run malware, cause errors, and even destroy the operating system. Most of these attacks are usually launched by dissidents, cybercriminals and competitors.

DDoS attack

A DDoS attack is a distributed denial of service attack that uses more than one computer and IP addresses distributed around the world to place a heavy burden on services. The source of these attacks is often infected with a virus that causes the server or service to malfunction.

The following are 3 commonly used types of DDoS attacks:

  • UDP flood attacks. The attacker sends a large number of udp packets to attack a random port on the target, causing the host to find no application that listens on that port and responds with an inaccessible destination icmp packet.
  • SYN flood attacks. This is also called three-way TCP handshake in which the attacker sends multiple SYN requests to the target system. It works by not responding to the server with the expected ACK code, causing the server to send a SYN-ACK to the wrong IP address.
  • Loris is slow. This tool keeps the massive connection to the target server open for a very long time and sends http headers, but does not resolve requests continuously, blocking the site.

The difference between DOS and DDOS

The first difference between DOS and DDOS attacks is that the attacker uses a single computer and an Internet connection when launching a DoS attack, while the attacker uses an extended network of computers and multiple Internet connections in a DDoS attack. Another difference is that DoS attacks are much easier to operate and cost less.

In addition, it is more difficult to withstand a DDoS attack because there are several sources that send requests to overwhelm the target system. In this case, blocking the source is almost impossible.

However, in a DoS attack, if incoming traffic is recognized as an abnormal increase in traffic, the host may take immediate action to block the source. This means that DoS attacks can be blocked in a relatively short time.


DoS and DDoS are security issues that need to be taken seriously, as they can destroy entire servers if not handled in a timely and appropriate manner. Therefore, when choosing a web host, you need to consider DDoS protection.

There are many web hosts on the market today that are constantly striving to provide a robust hosting solution to meet your needs and improve the performance of your site. You can be sure that all our services have DDoS Attack Response get rid of annoying attacks.

So many articles The difference between DOS and DDOS attacks. Looking forward to more interesting articles and don’t forget to share this article with your friends. Thank you…

Leave a Comment

/* */