Remote DDOS attack:
Interrupting the normal flow of network traffic to a target server from a remote location, using malware, is called a "Remote DDOS attack". Here, hackers use a pool of compromised servers, and the requests from these bad servers clog the organic traffic to the target server. Once the access is gained, the target server can be controlled remotely.
Types of DDOS attacks:
Flooding all open ports with false traffic is called a "volumetric attack". Targeting layer seven, i.e. the application layer, with HTTP, DNS, etc. requests masked as legitimate traffic is called an "application layer attack". Abusing the TCP/IP handshake by sending only partial packets such as SYN to the target server, so that it is kept waiting forever (known as a SYN flood), and using malformed pings to hang the server both belong to the "protocol attack" category.
How to find DDOS Attack?
A server admin has to be alert when:
I. Network traffic is coming from the same location, from a single IP address, or from a similar range of IPs.
II. A single profile is placing a million requests for a single page.
III. There is a hike in network traffic at odd hours.
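The three warning signs above can be checked against an access log. The following is an added example, not code from the original page. It assumes a hypothetical log format of "<ISO time> <client IP> <path>" per line, and the thresholds are illustrative values sized for the small constructed sample, to be tuned to real traffic.

```python
import ipaddress
from collections import Counter
from datetime import datetime
from statistics import median

def analyze(lines, share=0.5, page_hits=50, odd_hours=range(0, 6), spike=3.0):
    """Apply indicators I-III to lines of the assumed form '<ISO time> <client IP> <path>'."""
    by_src, by_ip_page, by_hour = Counter(), Counter(), Counter()
    total = 0
    for line in lines:
        try:
            stamp, ip_text, path = line.split()
            when = datetime.fromisoformat(stamp)
            ip = ipaddress.ip_address(ip_text)
            net = ipaddress.ip_network(f"{ip}/{24 if ip.version == 4 else 64}", strict=False)
        except ValueError:
            continue  # skip malformed lines instead of aborting the analysis
        by_src[str(ip)] += 1            # single address
        by_src[str(net)] += 1           # similar range of addresses
        by_ip_page[(str(ip), path)] += 1
        by_hour[(when.date().isoformat(), when.hour)] += 1
        total += 1
    if total == 0:
        return {"sources": [], "hot_pages": [], "odd_hour_spikes": []}
    baseline = median(by_hour.values())  # typical requests per hour
    return {
        # I. one address or one range sending most of the traffic
        "sources": sorted(s for s, n in by_src.items() if n / total > share),
        # II. one client requesting a single page over and over
        "hot_pages": sorted(k for k, n in by_ip_page.items() if n > page_hits),
        # III. an odd-hour bucket far above the typical hourly volume
        "odd_hour_spikes": sorted(k for k, n in by_hour.items()
                                  if k[1] in odd_hours and n > spike * baseline),
    }

def sample_log():
    """Constructed sample: daytime baseline plus a 03:00 burst from one /24."""
    lines = [f"2024-05-01T{h:02d}:{m:02d}:00 198.51.100.{m + 1} /page{m % 3}"
             for h in range(9, 18) for m in range(10)]
    lines += [f"2024-05-02T03:{i % 60:02d}:{i // 60:02d} 203.0.113.{i % 5 + 1} /login"
              for i in range(400)]
    return lines

if __name__ == "__main__":
    print(analyze(sample_log()))
```

In the sample no single address crosses the share threshold, but the /24 range does, which is why the check counts ranges as well as individual IPs.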
1. Having a DDOS response plan that defines security measures in advance, before a DDOS attack occurs.
2. Protecting the network infrastructure at multiple levels.
3. Using cloud security.
4. Using a DDOS mitigation service like Cloudflare, Forrester, etc.