DDOS attack

[Rueby]

Yes, that's kinda the idea. From a purely technical standpoint, you can consider an internet connection as a pipe, and you have data packets coming one after another. You need to read a packet before you can get to the next one. And after reading a packet, you need to see what's in it before you can know if it's a packet from an actual player or some bogus crap sent by a ddoser.

There are ways to mitigate it by detecting and rejecting bogus packets earlier, things like that. But you can never completely fully prevent it. The very properties of the internet that made it so successful (in short: reliability is ensured at the end points and intermediary nodes need only to make a best effort of carrying packets around) means that anyone can send data to anyone else, and it's up to the recipient to sort it out.

Perhaps the best analogy, in the end, would be someone ordering a bunch of pizzas to be delivered at your address.

Ooooo, this makes alot more sense, the pipe thing that is...

Thank you so much for taking the time to respond to me! I think the analogy of someone ordering a bunch of pizzas to be delivered to your address is much easier and maybe I made it abit hard on myself that I tried to break it down in a maybe round about way. I feel like trying to learn more about the issue can help temper expectations abit, so I really appreciate this.

[S-r-ex]

Ooooo, this makes alot more sense, the pipe thing that is...

Thank you so much for taking the time to respond to me! I think the analogy of someone ordering a bunch of pizzas to be delivered to your address is much easier and maybe I made it abit hard on myself that I tried to break it down in a maybe round about way. I feel like trying to learn more about the issue can help temper expectations abit, so I really appreciate this.

To go a bit deeper: there are two commonly used methods of DDOS attacks called "layer 4" and "layer 7", referring to the OSI model used to describe the relationship between parts of computer networking. What you think of here would be a "layer 7" attack, while "clogging the pipe" is a "layer 4" attack.

A layer 4 attack exploits the "transport layer", or the protocols that manage network connections. For the pizza analogy, this would be the phone at the pizza parlor. Think of a thousand hijacked phones constantly calling and when they get picked up they just sit there in silence. The "protocol" at the parlor is to open with "Hi, this is pizza place, what would you like to order?" and wait for a response. But these bogus calls aren't answering back, and the parlor will have to sit there for a few moments before hanging up. Since the attack is calling en masse like this, legit customers will just get a busy signal and the parlor can't make pizzas since they aren't receiving orders.

A "layer 7" exploits the "application layer", or the service itself. In this case, the hijacked phones will instead present themselves as customers and place often huge and numerous orders. The point this time is to keep the kitchen so busy with bogus orders that legit ones can't be processed.