# AWS DDOS
#### **AWS DDoS (Distributed Denial of Service) Protection**
AWS provides robust measures to mitigate DDoS attacks that aim to disrupt service availability.
***
#### **Common DDoS Attack Types**
1. **UDP Flood**:
* Overwhelms servers with a high volume of UDP packets, consuming bandwidth and server resources.
2. **TCP Flood**:
* Exhausts server connections by sending a large number of incomplete TCP handshake requests. This can be mitigated using security groups, Network ACLs & AWS Shield
3. **Slowloris Attack**:
* Holds connections open by sending partial requests, preventing the server from accepting new ones. This can be mitigated using AWS Load Balancer
***
## **AWS Shield**
1. **AWS Shield Standard**:
* Automatic protection against common, low-complexity DDoS attacks.
* Built into AWS services at no additional cost.
2. **AWS Shield Advanced**:
* Enhanced DDoS protection for applications hosted on AWS.
* Features:
* Detailed attack diagnostics.
* Cost protection against attack-related usage spikes.
* 24/7 support from the DDoS Response Team (DRT).
AWS Shield, combined with other AWS security services, helps maintain application availability even during DDoS attacks.
***
**AWS Shield**
1. **AWS Shield Standard**:
* Automatic protection against common, low-complexity DDoS attacks.
* Built into AWS services at no additional cost.
2. **AWS Shield Advanced**:
* Enhanced DDoS protection for applications hosted on AWS.
* Features:
* Detailed attack diagnostics.
* Cost protection against attack-related usage spikes.
* 24/7 support from the DDoS Response Team (DRT).
AWS Shield, combined with other AWS security services, helps maintain application availability even during DDoS attacks.
***