Wednesday, March 4, 2020

How Should You Mitigate DDoS Attacks

It’s one of the oldest cyberattack methods in existence – and one that’s been around for nearly as long as the Internet itself. I am referring, of course, to the Distributed Denial of Service (DDoS) attack. Although there are many different attack vectors a DDoS may exploit and many different methods through which it may achieve its purpose, at its core, every DDoS attack is the same – it floods its victim with bogus traffic or requests until that victim’s infrastructure buckles under the strain.

Application attacks target weaknesses in how an application works. One well-known application attack is Slowloris, which targets web servers. In a Slowloris attack, the attacker sends HTTP requests to a web server without ever completing the requests. Periodically (and slowly--hence the name), the attacker will send additional headers, thus keeping the request "alive" but not finished. Similar to a SYN flood, this forces the web server to maintain open connections for these partially completed HTTP requests, eventually preventing it from accepting any new connections.
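As an added example (not code from the original post), the sketch below shows a server-side check for the Slowloris pattern described above: because the trickled headers keep resetting any idle timer, the check also enforces an absolute deadline for finishing the header block, then counts unfinished requests per source. The function names, thresholds and the sample trace are assumptions made for illustration.

```python
from collections import Counter

HEADER_END = b"\r\n\r\n"  # blank line that terminates an HTTP/1.x header block

def stalled_connections(events, now, idle_timeout=10.0, header_deadline=30.0):
    """Flag connections whose request headers are still unfinished at `now`.

    events: (timestamp, conn_id, src_ip, data) tuples in time order.
    Returns {conn_id: (src_ip, reason)}, reason being "idle" or "deadline".
    """
    state = {}  # conn_id -> [src_ip, first_seen, last_seen, bytes_received]
    for ts, conn_id, src_ip, data in events:
        st = state.setdefault(conn_id, [src_ip, ts, ts, b""])
        st[2] = ts
        st[3] += data
    flagged = {}
    for conn_id, (src_ip, first, last, buf) in state.items():
        if HEADER_END in buf:
            continue  # headers complete: not a Slowloris-style hold
        if now - last > idle_timeout:
            flagged[conn_id] = (src_ip, "idle")
        elif now - first > header_deadline:
            # Trickled headers keep resetting the idle clock; only an
            # absolute deadline from the first byte catches this case.
            flagged[conn_id] = (src_ip, "deadline")
    return flagged

def sources_over_limit(flagged, max_per_ip=2):
    """Source addresses holding more than max_per_ip unfinished requests."""
    counts = Counter(src for src, _ in flagged.values())
    return sorted(ip for ip, n in counts.items() if n > max_per_ip)

def sample_events():
    """Constructed trace (documentation-range addresses), not real traffic."""
    ev = [(1.0, "n1", "203.0.113.5", b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
          (0.0, "i1", "203.0.113.9", b"GET / HTTP/1.1\r\n")]
    for c in ("s1", "s2", "s3"):
        ev.append((0.0, c, "198.51.100.7", b"GET / HTTP/1.1\r\nHost: example.test\r\n"))
        ev += [(float(t), c, "198.51.100.7", b"X-a: b\r\n") for t in (8, 16, 24, 32)]
    return sorted(ev, key=lambda e: e[0])

if __name__ == "__main__":
    flagged = stalled_connections(sample_events(), now=35.0)
    print(flagged)
    print(sources_over_limit(flagged))
```

With the header deadline disabled, only the fully silent connection is flagged; the three trickling connections pass an idle-only check.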

The remainder of this post details strategies for preparing networks to defend against DDoS attacks.

Occasionally, this is done just to cause chaos, as was the case with Lizard Squad. More frequently, however, a DDoS attack is a distraction tactic – like driving a bus through the front window of a store so no one notices a robber in the back. While a business is overwhelmed dealing with the fact that they are unable to function, hackers might make off with valuable data.
