• Types of DDoS Attacks & Tools

    Cyber-attacks have reached a tipping point in terms of quantity, length, complexity and targets. Read these short articles to get familiar with today’s most common types of DDoS attacks and tools and learn how to protect against these threats.

    A Game of Cat and Mouse: Dynamic IP Address and Cyber Attacks

    Dynamic IP addresses are an effective way to defeat IP-based defense systems: launch application-level attacks that originate from real—but dynamic—IP addresses. This paper outlines some of the most common variations of dynamic IP attacks, explores challenges in defending against them, and points to best practices for thwarting these attacks.

    DDoS Attack Tools: Seven Common DDoS Attack Tools Used By Hackers

    Just as the network security and hacking world is continually evolving, so too are the tools used to carry out distributed denial of service (DDoS) attacks. For example, DDoS tools such as Trinoo and Stacheldraht were widely used at the turn of the century, but these tools ran only on the Linux and Solaris operating systems.

    DDoS Attacks Targeting Application Resources

    Types of DDoS attacks that target server resources attempt to exhaust a server's processing capabilities or memory and aim to cause a DDoS security weakness. An attacker takes advantage of an existing vulnerability on the  target server or in a communication protocol. The target server - website, web  application server, web application firewall, or intrusion prevention system - becomes so busy handling illegitimate requests  that it can no longer handle legitimate requests.

    SSL Attacks – SSL DDoS Attacks

    SSL is a method of encryption used by various network commuication protocols. Conceptually, SSL runs above TCP/IP, providing security to users communicating over other protocols by encrypting communications and authenticating communicating parties. SSL-based DoS attacks and DDoS attacks target the SSL handshake mechanism, send garbage data to the SSL server, or abuse functions related to the SSL encryption key negotiation process.

    Low and Slow DDoS Attacks

    Low and slow attacks, unlike floods, do not require a large amount of traffic. Low and slow attacks mostly target application resources and sometimes server resources. By nature, these types of DDoS attacks are difficult to detect because they involve connections and data transfers that appear to occur at normal rates, making it challenging to implement web application security and DDoS attack mitigation strategies.

    DDoS Attacks Targeting Server Resources

    Types of DDoS attacks that target server resources attempt to exhaust a server's processing capabilities or memory to cause a DDoS security weakness. An attacker takes advantage of an existing vulnerability on the target server or in a communication protocol. The target server - website, web application server, web application firewall, or intrusion prevention system - becomes so busy handling illegitimate requests that it can no longer handle legitimate requests.

    Seven DDoS Attacks Targeting Network Resources

    Types of DDoS attacks that target network resources use a large volume of illegitimate traffic to try to consume, or flood, all of a victim’s network bandwidth. In a typical flooding attack, the offense is distributed among an army of thousands of volunteered or compromised computers - a botnet - that sends a huge amount of traffic to the targeted site, overwhelming its network.