DoS and DDoS
DoS/DDoS attacks typically fall under the following categories:
Direct: an attacker generates packets and sends them directly to the target. This can be used to overwhelm the target or to generate massive costs. Buffer overflows can also be exploited to crash infrastructure.
Botnet: a collection of compromised machines that an attacker operates via a C2 (Command & Control) server to carry out a coordinated attack against a target.
Reflected: packets spoofed to appear to come from the victim are sent to sources, which then unwillingly participate in the attack by sending their responses to the victim. UDP is often used for this.
Amplification: a form of reflected DoS where the response traffic is made up of much larger packets than the initial request. For example, DNS queries are sent to a server configured as an open resolver, which then sends much larger responses to the target.
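On the receiving side, reflected and amplified traffic shows up as UDP responses from a service port that no local host ever queried. The detection sketch below is an added example, not part of the original page; the flow record layout, function name, threshold and addresses (documentation ranges) are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample flow records:
# (src_ip, src_port, dst_ip, dst_port, proto, payload_bytes)
FLOWS = [
    # Legitimate lookup: a local client asks, the resolver answers.
    ("192.0.2.10", 40000, "198.51.100.53", 53, "udp", 60),
    ("198.51.100.53", 53, "192.0.2.10", 40000, "udp", 120),
    # Reflected traffic: large DNS responses the local host never requested.
    ("203.0.113.1", 53, "192.0.2.20", 50001, "udp", 3000),
    ("203.0.113.2", 53, "192.0.2.20", 50002, "udp", 3100),
    ("203.0.113.3", 53, "192.0.2.20", 50003, "udp", 2900),
]


def find_reflection_victims(flows, service_port=53, min_reflectors=3):
    """Return {victim_ip: stats} for hosts receiving unsolicited UDP responses.

    A response is unsolicited when no earlier query from the same local
    address and port to the same server is still outstanding.
    """
    pending = defaultdict(int)  # (client_ip, client_port, server_ip) -> open queries
    stats = defaultdict(lambda: {"reflectors": set(), "bytes": 0, "packets": 0})

    for src, sport, dst, dport, proto, size in flows:
        if proto != "udp":
            continue
        if dport == service_port:
            # Query towards the service: remember it so the answer can be matched.
            pending[(src, sport, dst)] += 1
        elif sport == service_port:
            key = (dst, dport, src)
            if pending.get(key, 0) > 0:
                pending[key] -= 1  # answer to a query we saw: legitimate
            else:
                entry = stats[dst]
                entry["reflectors"].add(src)
                entry["bytes"] += size
                entry["packets"] += 1

    # Many distinct sources answering one host is the reflection signature.
    return {ip: s for ip, s in stats.items()
            if len(s["reflectors"]) >= min_reflectors}


if __name__ == "__main__":
    for victim, s in find_reflection_victims(FLOWS).items():
        print(victim, s["packets"], "packets,", s["bytes"], "bytes from",
              len(s["reflectors"]), "reflectors")
```
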