When was the first DDoS attack attempted?

What is actually a
DDoS attack?

How can companies protect themselves from DDoS attacks?

This is basically pretty simple: A company can use service providers to create so much capacity that even large volumes of inquiries can always be processed and there is no breakdown. Because the capacity of the target server is the crucial point in an attack. This can be done through cloud services, which quickly add capacities when traffic increases.

Another way is to set up a filter system. Here, the traffic is no longer processed via the company's own server, but rather pre-sorted in a so-called "scrubbing center". Only clean traffic is then forwarded to the server in the company itself.

Scrubbing centers analyze the traffic and filter out possible DDoS attacks. Typical patterns of DDoS attacks are recognized and an attack on the company's server becomes impossible. Because the denial of service, the refusal of service, only occurs when the company server collapses. However, it is then no longer directly accessible for the attack.

SYN cookies are another way of weakening DDos attacks. With a three-way handshake, a TCP protocol (Transmission Control Protocol) is always created by the server. In the event of DDoS attacks, this is always left in an open state in order to deprive the victim server of memory resources. SYN cookies prevent this mechanism by sequencing the number of SYN / ACK requests and responses. In this way, the attacked server does not have to provide any storage space for storing the half-open TCP tables and is not overloaded as quickly.