IMO. DDOS (Distributed Denial of Service) Attacks can target layers 4 and 7 in the OSI layer. Send packets massively at layer 4 SYN flood attacks and layer 7 application, for example from requests for post or get requests in http and consuming resources and system failures. These attacks are carried out with the help of many computers (botnets).

DDOS can be done easily, many DDOS providers and tools such as KARMA, MDDoS, Instant-Stresser are ready to use and can make the system down for days. In this way, even a person who is not computer savvy can carry out an attack on the target. Their motivation to carry out the attack depends on being able to threaten, blackmail and so on. This attack is very terrible, the system will be disrupted and the site owner or agency loses

How to prevent:

- Using WAF

- Using CDNs

- Using anti DDOS services such as cloudflare, vshield, akamai and others

- Has an IoC dataset to wishlist IPs and indicators of attackers

- Hide IP address