Hosting Tutorial & Guide

What Is the Difference Between DoS and DDoS Attacks

updated on Jan 26, 2015
What Is the Difference Between DoS and DDoS Attacks The virtual world – web – is full of vulnerabilities of which attacks can easily make use to interrupt online services, and DoS and DDoS are 2 widely heard types of attacks from which webmasters suffer much. The matter is that if you are serious about your websites and online presence, you should have a basic understanding of the 2 terms.

The targets and the purposes of DoS and DDoS attacks are nearly the same, but they do have differences in some aspects including the origin. So, if you are about to be a pro, you'd better make clear of their definitions, similarities and differences so that you can take an action immediately as there is anything wrong with your website.

What Is a DoS Attack?

A DoS attack refers to a Denial of Service attack in which attackers use one computer and one Internet connection to send numerous requests to flood the target server. It is a malicious attempt that overloads resources to make them unavailable to other traffic, or at least to slow down their response to visitors. When a server of a web host is under a serious DoS attack, the websites hosted on it may all be inaccessible.

Along with the rapid development of the online world, DoS attacks are becoming increasingly sophisticated, which makes them hard to be detected. They can even utilize the vulnerabilities of applications.

The targets and reasons for DoS attacks vary. The target can be a single computer, a port of a system, a network, and also some resources like bandwidth and disk space. Moreover, the attacks can be used to execute malware, cause errors and destroy the operating system. As for the reasons, it is proved that most attacks originate from people who are extremely unsatisfied about a service, cyber criminals and business competitors.

What Is a DDoS Attack?

What Is a DDoS Attack The full name of a DDoS attack is a Distributed Denial of Service attack which uses a network of computers and connections distributed around the world to overload a service. These computers usually belong to a botnet, a large group of devices that are infected and hijacked by a malicious group or individual through involuntarily installed malware. Compared with DoS attacks, it is even harder to withstand DDoS attacks.

There are many types of DDoS, among which the most commonly used include:
  • UDP (User Datagram Protocol) Flood. Attacks flood random ports on the target host with numerous UDP packets to make the host listen for the applications on those ports and reply with an ICMP packet.
  • SYN Flood. This kind of attacks uses the "three-way handshake", a vulnerability in the TCP connection sequence, to exhaust resources by sending many SYN requests but not responding to the host's SYN-ACK response.
  • Slowloris. It is a complex type of attacks that is very difficult to migrate. Slowloris is a tool that keeps many connections to the target server open for the maximum time, and it sends HTTP headers constantly but does not complete request, so as to take a website down.

What Is the Main Difference Between DoS and DDoS Attacks?

The most significant difference, as is mentioned above, is that in a DoS attack, the attackers use only one computer and one Internet connection, while those launching DDoS attacks use a globally distributed network of computers and multiple Internet connections. DoS attacks are much simpler and lower in cost.

What Is the Main Difference Between DoS and DDoS Attacks In addition, it is much more difficult to fight against DDoS attacks as there are hundreds or thousands of sources sending out requests to flood the target, especially when a website or server is under a specifically targeted DDoS attack. It is nearly impossible to block out the sources.

But in a DoS attack, if the incoming traffic is identified as being malicious instead of a normal traffic spike, hosts can take actions to absorb and attack and block the source as soon as it is identified. This kind of attacks can be stopped in a short time.


DoS and DDoS attacks both are significant security issues that can take down a whole server. For this reason, when selecting a web host, you should pay attention to the availability of DDoS protection. Although the attacks cannot be prevented, advanced technologies will contribute to the effective mitigation. Nowadays, an increasing number of web hosts, including the ones listed below, are making efforts continuously in improving the security of their servers and the hosted websites.