DoS (Denial of Service) attacks bombard a computer system with numerous requests exceeding the target’s capability. The attacked computer may miss important data/service requests (e.g. email messages) from outside, and suffer from limited Internet bandwidth and system resources. Denial of service is typically accomplished by flooding the targeted machine or resource, in our case the RT2600ac router or the MR2200ac router or the Synology NAS device with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.
What is the difference between a DoS and DDoS Attack?
- DoS: Short for Denial of Service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly being dreamed up by hackers.
- DDoS: In a DDoS attack the incoming traffic flooding the victim originates from many different sources – potentially hundreds of thousands or more. This effectively makes it impossible to stop the attack simply by blocking a single IP address; plus, it is very difficult to distinguish legitimate user traffic from attack traffic when spread across so many points of origin.
Summing up: A Denial of Service (DoS) attack is different from a DDoS attack. The DoS attack typically uses one computer and one Internet connection to flood a targeted system or resource. The DDoS attack uses multiple computers and Internet connections to flood the targeted resource. DDoS attacks are often global attacks, distributed via botnets.
Which protection can you enable on your Synology Routers?
You can enable DoS protection on your Synology Router device.
How do I enable DoS protection on my Synology Routers?
- Log into your RT2600ac router or MR2200ac Mesh if you use this as a primary router, then open Network Center / Security / General.
- Check the Enable DoS protection box.
- Select TCP, SYN and ICMP flood attack protection. Leave all the limitations settings to default.
- Click Apply. Follow the instructions in the image below.
- TCP reset attack: Also known as “forged TCP reset”, “spoofed TCP reset packet” or “TCP reset attack”, is a way to tamper and terminate the Internet connection by sending a forged TCP reset packet.
- SYN flood attack: A SYN flood is a form of denial-of-service attack in which an attacker rapidly initiates a connection to a server without finalizing the connection. The server has to spend resources waiting for half-opened connections, which can consume enough resources to make the system unresponsive to legitimate traffic.
- ICMP flood attack: An Internet Control Message Protocol (ICMP) flood attack, also known as a Ping flood attack, is a common Denial-of-Service (DoS) attack in which an attacker attempts to overwhelm a targeted device with ICMP echo-requests (pings).
This post was updated on Friday / November 6th, 2020 at 11:29 PM