What is an IP Null Attack and is Null Routing an Effective Mitigation Technique?
According to RFC rules, the IP packet header should contain information on its transport level protocol. Packets contain IPv4 headers that carry this information. When the value of this field is set to zero, the packets can evade security measures …
Types of Attack
What is Slowloris?
Slowloris is DDoS attack software that makes it possible for a single computer to take down an entire web server by consuming all its resources. It operates at Layer 7 (the application layer). The attack requires minimal bandwidth to launch and only …
What are DDoS Toolkits, and DDoS-for-hire Services?
What are DDoS Toolkits? DDoS toolkits are software packages that infect numerous connected devices, which are then used as botnets in future DDoS attacks. They are typically authored by black hat hackers with professional intent to stress services …
What is an NTP Amplification Attack?
An NTP amplification attack is one in which the perpetrator seeks to overwhelm a targeted server and its surrounding infrastructure with UDP traffic by exploiting publicly accessible Network Time Protocol (NTP) servers. This type of DDoS attack is …
What is a Ping of Death?
A Ping of Death (PoD) is a DoS attack caused by an attacker sending oversized or malformed packets using a PING command to a targeted computer or service. A PING operates by sending ICMP echo request packets to the host and waiting for an Internet …
What is a Ping Flood?
A Ping Flood is an evolved variant of an ICMP Flood in which attackers use PING, a variant of ICMP, to send highly-spoofed PING (ICMP) echo requests at a high rate and from a large range of random source IPs, or as if they are the IP address of the …
What is an ICMP Flood?
An ICMP Flood involves an attacker sending fraudulent ICMP packets at volumes significant enough to flood a network. The unexpected volume of the incoming spoofed ICMP packets from a large set of source IPs overwhelms the victim’s network, consuming …
What is an IP Fragmentation Attack?
There are various kinds of IP fragmentation attacks, and they are a fairly common form of DDoS attack. All fragmentation attacks involve the breakdown of datagrams to overbear the target networks, but the difference lies in how the attack vectors are …
What is an HTTP Flood?
In an HTTP Flood, attackers send vast numbers of legitimate HTTP requests to a server. The request can be either “GET” or “POST”. The goal of this kind of DDoS attack is to force the server to allocate so many of its resources to serving the attack …
What is a UDP Flood?
A UDP Flood Attack involves the sending of highly-spoofed UDP packets at an extremely high packet rate using a wide source IP range. The unexpectedly high volume of incoming UDP packets overwhelms the victim’s network, exhausting its resources and …
What is a SYN-ACK Flood?
SYN floods can take various forms, most of which do not seriously affect the attacked system. However, one of the most potentially damaging types of SYN floods is the SYN-ACK flood, in which the client address refers to a system that does not …
What Are SYN Cookies?
When cryptologists Daniel J. Bernstein and Jeff Weisberg made SYN cookies mainstream as a way of mitigating SYN floods, the problem was considered insoluble. It was September 1996, following the SYN flood, which had shut down the mail service for …
What is a SYN Flood?
A SYN flood, aka TCP-SYN flood, is one of the oldest forms of DDoS attacks, whose goal is to make a server unavailable to legitimate traffic by consuming all the server’s available resources. The attacker repeatedly sends initial connection request …
What are Zero-Day DDoS Attacks?
Zero-day DDoS attacks are known as such because they take place when a threat actor exploits a zero-day vulnerability. A zero-day vulnerability is an application or system flaw, usually within new software, that was unknown to the vendor and security …
DDoS Attack Types
A DDoS attack is always launched from multiple compromised devices, often distributed in different locations, known as a botnet, usually controlled remotely by a single threat actor. It is different from a denial-of-service (DoS) attack because it …