Nytro

Taxonomy of DDoS Attacks


Property of RioRey, Inc. © 2009 - 2011

1. SYN Flood. Clients generate a SYN packet (64 bytes) to request a new session from a host server. As the TCP three-way communication handshake is created, the host will track and allocate each of the client’s sessions until the session is closed. In a SYN flood, a victim server receives spoofed SYN requests at a high packet rate that contain fake source IP addresses. The SYN flood overwhelms the victim server by depleting its system resources (connection table memory) normally used to store and process these incoming packets, resulting in performance degradation or a complete server shutdown. A well-crafted SYN flood often fools deep-packet inspection filtering techniques. SYN-Cookie defense can be used to defend against large-scale SYN floods but this requires all servers to support this capability.

2. SYN-ACK Flood. Host servers generate SYN-ACK packets in response to incoming SYN requests from clients. During a SYN-ACK flood, the victim server receives spoofed SYN-ACK packets at a high packet rate. This flood exhausts a victim’s server by depleting its system resources (memory, CPU, etc.) used to compute this irregularity, resulting in performance degradation or a complete server shutdown.

3. ACK & PUSH ACK Flood. After a TCP-SYN session is established between a host and a client, ACK or PUSH ACK packets are used to communicate information back and forth between the two until the session is closed. During an ACK flood, a victim receives spoofed ACK packets at a high packet rate that fail to belong to any session within the server’s connection list. The ACK flood exhausts a victim’s server by depleting its system resources (memory, CPU, etc.) used to match these incoming packets, resulting in performance degradation or a complete server shutdown.

........................................................................................

Download:

http://www.riorey.com/x-resources/2011/RioRey_Taxonomy_DDoS_Attacks_2.2_2011.pdf
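For defenders, the three flood types excerpted above can be told apart by checking each inbound packet against a minimal connection table. The following is an added example, not part of the RioRey paper or the original post; the function names, the tuple layout and the sample traffic (documentation address ranges) are constructed for illustration.

```python
from collections import Counter

SYN, PSH, ACK = 0x02, 0x08, 0x10   # TCP flag bits

def classify(packets, server_ip):
    """Count flood indicators in (src, sport, dst, dport, flags) tuples."""
    half_open, established, outbound = set(), set(), set()
    counts = Counter()
    for src, sport, dst, dport, flags in packets:
        if src == server_ip:
            # Remember connections the server opened itself, so that the
            # returning SYN-ACK is recognised as solicited.
            if flags & SYN and not flags & ACK:
                outbound.add((dst, dport, sport))
            continue
        key = (src, sport, dport)          # remote ip, remote port, local port
        if flags & SYN and flags & ACK:
            if key in outbound:
                outbound.discard(key)
                established.add(key)
            else:
                counts["unsolicited_synack"] += 1
        elif flags & SYN:
            counts["syn"] += 1
            half_open.add(key)             # table entry held until final ACK
        elif flags & ACK:                  # covers ACK and PUSH ACK
            if key in half_open:
                half_open.discard(key)
                established.add(key)
            elif key not in established:
                counts["orphan_ack"] += 1  # matches no session in the table
    counts["half_open"] = len(half_open)
    return counts

def build_sample():
    """Constructed traffic using documentation address ranges."""
    srv = "192.0.2.10"
    pk = [("198.51.100.7", 40000, srv, 443, SYN),
          (srv, 443, "198.51.100.7", 40000, SYN | ACK),
          ("198.51.100.7", 40000, srv, 443, ACK),
          ("198.51.100.7", 40000, srv, 443, PSH | ACK)]
    pk += [(f"203.0.113.{i}", 1024 + i, srv, 443, SYN) for i in range(5)]
    pk += [(f"203.0.113.{50 + i}", 80, srv, 5000 + i, SYN | ACK) for i in range(3)]
    pk += [(f"203.0.113.{100 + i}", 2000 + i, srv, 443, ACK if i % 2 else PSH | ACK)
           for i in range(4)]
    return srv, pk

if __name__ == "__main__":
    srv, pk = build_sample()
    print(dict(classify(pk, srv)))
```

A high `half_open` count relative to `syn` points at a SYN flood, while `unsolicited_synack` and `orphan_ack` correspond to the SYN-ACK and ACK/PUSH ACK floods; alerting thresholds depend on the site's normal traffic.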
