How Many Kinds of DDoS Attacks are there? – Part 3
DDoS is a hot topic in the financial world right now. Here is some more information on DDoS attack types.
Check out the first post in this series here.
Take a quick read about Volume Based Attacks in Part 2 of the series here.
In this third post in the series, we are going to look at the basic types of protocol attacks.
SYN Flood
A SYN flood DDoS attack exploits a known weakness in the TCP connection sequence (the “three-way handshake”), wherein a SYN request to initiate a TCP connection with a host must be answered by a SYN-ACK response from that host, and then confirmed by an ACK response from the requester. In a SYN flood scenario, the requester sends multiple SYN requests, but either does not respond to the host’s SYN-ACK response, or sends the SYN requests from a spoofed IP address. Either way, the host system continues to wait for acknowledgement for each of the requests, binding resources until no new connections can be made, and ultimately resulting in denial of service.
Ping of Death
A ping of death (“POD”) attack involves the attacker sending multiple malformed or malicious pings to a computer. The maximum packet length of an IP packet (including header) is 65,535 bytes. However, the Data Link Layer usually imposes limits on the maximum frame size – for example 1500 bytes over an Ethernet network. In this case, a large IP packet is split across multiple IP packets (known as fragments), and the recipient host reassembles the IP fragments into the complete packet. In a Ping of Death scenario, following malicious manipulation of fragment content, the recipient ends up with an IP packet which is larger than 65,535 bytes when reassembled. This can overflow memory buffers allocated for the packet, causing denial of service for legitimate packets.
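As an added example (not code from the original post or from any real network stack), the C code below shows the bounds check a receiver can apply to each IPv4 fragment before reassembly, so that the reassembled packet can never exceed 65,535 bytes. The names check_fragment and sample_verdict are hypothetical, and the sample fragments are constructed in memory for illustration.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define IP_MAX_DATAGRAM 65535u  /* limit of the 16-bit Total Length field */
enum frag_verdict { FRAG_OK, FRAG_MALFORMED, FRAG_OVERSIZE };

/* Validate one IPv4 packet (buffer starts at the IP header) before it is
 * queued for reassembly. Hypothetical helper, not from any real stack. */
enum frag_verdict check_fragment(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return FRAG_MALFORMED;
    uint32_t ihl = (uint32_t)(pkt[0] & 0x0F) * 4;       /* header bytes */
    uint32_t total = ((uint32_t)pkt[2] << 8) | pkt[3];  /* this fragment */
    if (ihl < 20 || total < ihl || total > len)
        return FRAG_MALFORMED;
    uint32_t flags_off = ((uint32_t)pkt[6] << 8) | pkt[7];
    uint32_t offset = (flags_off & 0x1FFF) * 8;  /* field is in 8-byte units */
    uint32_t payload = total - ihl;
    /* Every fragment except the last must carry a multiple of 8 bytes. */
    if ((flags_off & 0x2000) && payload % 8 != 0)
        return FRAG_MALFORMED;
    /* Where this fragment would end inside the reassembled packet. */
    if (ihl + offset + payload > IP_MAX_DATAGRAM)
        return FRAG_OVERSIZE;
    return FRAG_OK;
}

/* Build a constructed sample fragment (20-byte header, zeroed payload)
 * and return the verdict for it. */
enum frag_verdict sample_verdict(uint16_t off_units, uint16_t payload, int mf)
{
    static uint8_t buf[1500];
    if (payload > sizeof buf - 20) return FRAG_MALFORMED;
    memset(buf, 0, sizeof buf);
    uint16_t total = (uint16_t)(20 + payload);
    uint16_t fo = (uint16_t)((off_units & 0x1FFF) | (mf ? 0x2000 : 0));
    buf[0] = 0x45;                       /* version 4, IHL 5 */
    buf[2] = (uint8_t)(total >> 8); buf[3] = (uint8_t)total;
    buf[6] = (uint8_t)(fo >> 8);    buf[7] = (uint8_t)fo;
    return check_fragment(buf, total);
}

int main(void)
{
    printf("%d %d\n", sample_verdict(0, 1480, 1), sample_verdict(8189, 1480, 0));
    return 0;
}
```

Dropping a fragment as soon as its end offset crosses the limit means the reassembly buffer is never asked to hold more than 65,535 bytes.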
Our next post in the series will look at the different types of Application Layer Attacks.