Corero Resource Library Understanding In-line DDoS Protection

DDoS Attack Types: Glossary of Terms

This Distributed Denial of Service (DDoS) attack glossary is intended to provide a high level overview of the various DDoS attack types and typical DDoS attack characteristics.
The definition of Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks is where one or many compromised systems attack a target causing a flood of incoming messages, which overwhelms the system, causing it to shut down.

 

Common DDoS Attack Types & Characteristics:
ACK Attack or ACK-PUSH Flood
In an ACK flood attack or ACK-PUSH Flood, attackers send spoofed ACK (or ACK-PUSH) packets at very high packet rates that fail to belong to any current session within the firewall’s state-table and/or server’s connection list. The ACK (or ACK-PUSH) flood exhausts a victim’s firewalls by forcing state-table lookups and servers by depleting their system resources used to match these incoming packets to an existing flow.
DNS Amplified (Reflective)
Another possible way of taking advantage of DNS flood is through attackers spoofing a victim’s DNS infrastructure and through the use of Open Recursive DNS servers and extensions to the DNS protocol. Very small DNS requests can result in very large and a high-volume of DNS responses (i.e. Amplification Factor).  Read more about DNS Amplification Attacks.
DNS Flood
In a DNS Flood, attackers use DNS as a variant of a UDP flood. Attackers send valid but spoofed DNS request packets at a very high packet rate and from a very large group of source IP addresses. Since these appear as valid requests, the victim’s DNS servers proceeds to respond to all requests. The DNS server can be overwhelmed by the vast number of requests. This DNS attack consumes large amounts of network resources that exhaust the DNS infrastructure until it goes offline, taking the victim’s Internet access (www) down with it.

Click to view all articles for the EPIC:
Or click to view the full company profile:
    Facebook
    Twitter
    LinkedIn
    Corero Network Security

    More articles like this

    Corero Network Security

    The NIS Directive – just how tough is it really?

    Over the last few months, UK media outlets have been filled with reports about the series of tough new measures being introduced on 9th May to protect our national critical infrastructure against cyber threats. In January, the government confirmed

    Corero Network Security

    The US Government Vs Botnets

    U.S. government agencies are working hard to solve the problem of botnets and other cyber threats, and are asking for input from various stakeholders. In July 2017 the National Institute of Standards and Technology (NIST) conducted

    Corero Network Security

    Corero Network Security plc Customer Wins

    Corero Network Security plc (LON:CNS), the global network security company, has today announced two orders for its SmartWall® Threat Defense System (“SmartWall”) technology with a combined value of $0.9 million (with additional incremental orders expected in

    Corero Network Security

    Memcached Flaw Kill Switch Could Foil DDoS-ers

    Researchers claim to have discovered a way of mitigating a vulnerability in Memcached servers which is responsible for two of the biggest DDoS attacks ever recorded. Corero Network Security said it has disclosed the new “kill switch”

    Corero Network Security

    Github weathers world’s largest DDoS attack

    Github has weathered the biggest DDoS attack in history with just 10 minutes of downtime, according to new reports. The code-sharing site was subjected to a colossal 1.35Tbits/sec surge in traffic, as unknown hackers attempted to take

    Corero Network Security

    Bursts, Waves and DDoS: What You Need to Know

    A recent Cisco report found that 42 percent of organizations experienced “burst”distributed denial of service (DDoS) attacks in 2017. Burst attacks, otherwise known as Pulse-Wave attacks, are gaining favor among hackers because they enable perpetrators to attack multiple targets, one after

    Corero Network Security

    Enterprise costs of DDoS attacks exceed $2 Million

    New Kaspersky Labs research notes that the financial impact of a Distributed Denial of Service (DDoS) attack continues to rise, and is now more than $120K for SMBs and more than $2M for enterprise organizations. A Corero Network Security executive

    Corero Network Security

    How Smart CISO’s Protect their Business from DDoS

    When Businesses Suffer as a Result of DDoS Attacks It’s hardly a surprise that DDoS attacks are so common. What is surprising is that so many companies still lack adequate DDoS protection. Our own survey of

    Corero Network Security

    Cybersecurity at CES: ADT targets home users

    Once relegated to simple subscription firewall and internet security software, today’s smart homes have come a long way when it comes to cybersecurity. Thanks to the rapid rise of smart home-related IoT products – and the

    Corero Network Security

    Autosploit: A Marriage Made for DDoS Botnets

    On January 30, 2018 a new mass exploitation tool called “Autosploit” was released on Github, a Git repository hosting service. Autosploit leverages Python code to automatically search for vulnerable devices connected to the Internet and then

    Corero Network Security

    Is Your DDoS Protection Strategy Hitting the Mark?

    Find out how effective you are at protecting your network from DDoS. Take this short assessment and get personalised results plus a free eBook.   Corero Network Security is the leader in real-time, high-performance DDoS defense

    Corero Network Security

    Business Wire under sustained DDoS attack, traffic slowed

    A persistent distributed denial of service (DDoS) attack over the past week has prompted a slowdown on the Business Wire website, but seemingly hasn’t exposed client data, company Chief Operating Officer (COO) Richard DeLeo told customers

    Corero Network Security

    What can be expected from DDoS attacks in 2018?

    2017 will be remembered as the year of massive data breaches, state-sponsored attacks, numerous ransomware threats and more phishing scams them we can count. But it also marked a turning point for the DDoS landscape. Corero

    Corero Network Security

    The Rise of IoT Botnet Threats and DDoS attacks

    Earlier this month, a report by Neustar International Security Council (NISC) revealed that many businesses viewed unsecured IoT devices as their biggest concern about the state of their organisation’s security. While ransomware and financial data theft were still