NOTE: DDoS Attacks are not to be confused with Doxing (Doxx) Attacks.

A DDoS Attack stands for a "Distributed Denial-of-Service" attack. Generally, DDoS attacks are used to overwhelm a target's server or network using excessive internet traffic using botnets controlled by hackers.

In order for a DDoS attack to work, the hacker needs to have access to botnets. Botnets are a network built of multiple devices (generally compromised by the attacker). Using this botnet, the attacker sends countless "requests" (usually pings for non-website servers, but requests such as HTTP and UDP can be spammed) to the victim's device or server, overloading the device and causing a denial of service. 

DDoS attacks can be executed in multiple ways for different purposes, such as:

• Through the Application Layer to target the server's resources to create a denial-of-service.

• Using Protocol Attacks to overload server and network equipment resources.

• Volumetric Attacks which attacks the target in multiple waves.

To know if you're being hit with a DDoS attack, common signs include

• Sudden website slowness (and you've tested that other websites are working fine)

• Sudden website unavailability.

Attackers may even use multi-vector attacks, which utilizes multiple methods of DDoS to take down a server.

There are a plethora of tools can filter out DDoS traffic patterns exists, such as:

• Your Operating System's built-in firewall (ie. Windows Firewall) for personal devices

• Your Server Provider's built-in DDoS protection (Azure DDoS Protection and AWS Shield for Azure/AWS services respectively)

• Cloudflare, Cisco Umbrella, Amazon Cloudfront for other servers.

• You can also use blackhole routing and rate limiting.