• Types of DDoS Attacks & Tools

    Cyber-attacks have reached a tipping point in terms of quantity, length, complexity and targets. Read these short articles to get familiar with today’s most common types of DDoS attacks and tools and learn how to protect against these threats.

    Pick Your Poison: The Most Popular Cyber Attacks in 2015

    Necessity is the mother of invention. That certainly holds true in the world of cyber security. As security professionals have developed new defenses to attack vectors, hackers have developed new tools to counter the countermeasures. The result is a plethora of attack types that, depending on industry trends, rise and fall in popularity throughout the year. Based on research and surveys of over 300 worldwide organizations by Radware, this paper outlines the attack vectors that proved popular in 2015, and thus sheds light on what to expect in 2016.

    A Clear & Emerging Cyber-Security Threat: APDoS

    The advanced persistent denial-of-service (APDoS) attack represents the very best of the worst. It is a clear and emerging cyber security threat that takes the finest that cyber assailants have developed in recent years and combines it into a multi-vector attack campaign that targets all layers of the IT infrastructure: network, server, and application.

    A Game of Cat and Mouse: Dynamic IP Address and Cyber Attacks

    Dynamic IP addresses are an effective way to defeat IP-based defense systems: launch application-level attacks that originate from real—but dynamic—IP addresses. This paper outlines some of the most common variations of dynamic IP attacks, explores challenges in defending against them, and points to best practices for thwarting these attacks.

    DDoS Attack Tools: Seven Common DDoS Attack Tools Used By Hackers

    Just as the network security and hacking world is continually evolving, so too are the tools used to carry out distributed denial of service (DDoS) attacks. For example, DDoS tools such as Trinoo and Stacheldraht were widely used at the turn of the century, but these tools ran only on the Linux and Solaris operating systems.

    DDoS Attacks Targeting Application Resources

    Types of DDoS attacks that target server resources attempt to exhaust a server's processing capabilities or memory and aim to cause a DDoS security weakness. An attacker takes advantage of an existing vulnerability on the  target server or in a communication protocol. The target server - website, web  application server, web application firewall, or intrusion prevention system - becomes so busy handling illegitimate requests  that it can no longer handle legitimate requests.

    SSL Attacks – SSL DDoS Attacks

    SSL is a method of encryption used by various network commuication protocols. Conceptually, SSL runs above TCP/IP, providing security to users communicating over other protocols by encrypting communications and authenticating communicating parties. SSL-based DoS attacks and DDoS attacks target the SSL handshake mechanism, send garbage data to the SSL server, or abuse functions related to the SSL encryption key negotiation process.

    Low and Slow DDoS Attacks

    Low and slow attacks, unlike floods, do not require a large amount of traffic. Low and slow attacks mostly target application resources and sometimes server resources. By nature, these types of DDoS attacks are difficult to detect because they involve connections and data transfers that appear to occur at normal rates, making it challenging to implement web application security and DDoS attack mitigation strategies.