Seven DDoS Attacks Targeting Network Resources
Attacks that target network resources use a large volume of illegitimate traffic to try to consume, or flood, all of a victim's network bandwidth.
In a typical flooding attack, the attack is distributed among thousands of volunteered or compromised computers (a botnet) that together send a huge amount of traffic to the targeted site, overwhelming its network.
An amplification attack takes advantage of a disparity in size between a request and its reply in a communication protocol. For instance, the attacker could use a router as an amplifier, taking advantage of the router's broadcast IP address feature to send messages to multiple IP addresses, with the source IP spoofed to the target's IP so that the replies go to the target. Famous examples of amplification attacks include Smurf attacks (ICMP amplification) and Fraggle attacks (UDP amplification). Another type of amplification attack is DNS amplification, in which an attacker, having previously compromised a recursive DNS name server so that it caches a large file, sends a query directly or asks for the large cached file. The return message, significantly amplified in size from the original request, is then sent to the victim's IP address, which the attacker spoofed as the source of the request, causing a denial of service condition.
An attack is reflective when the attacker uses a potentially legitimate third party to send the attack traffic, ultimately concealing the attacker's identity.
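The reflected, amplified replies described in the two paragraphs above can be recognised at the victim's edge because they answer queries the victim never sent. The following is an added example, not code from the original page: the packet tuple layout, the function name and the sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample packets seen at the victim's edge (not real traffic):
# (direction, remote_ip, local_port, dns_txid, size_bytes)
SAMPLE_PACKETS = [
    ("out", "198.51.100.53", 40001, 0x1A2B, 64),    # our own query
    ("in",  "198.51.100.53", 40001, 0x1A2B, 120),   # its matching answer
    ("in",  "203.0.113.10",  53124, 0x9999, 3100),  # no query was ever sent
    ("in",  "203.0.113.10",  53124, 0x9998, 3100),
    ("in",  "203.0.113.77",  41000, 0x0001, 2900),
    ("in",  "198.51.100.53", 40001, 0x1A2B, 120),   # repeat of an already-answered query
]


def find_reflected_responses(packets, min_bytes=1000):
    """Return {remote_ip: unsolicited_bytes} for remotes whose DNS responses
    match no outstanding query sent by this host (hypothetical helper)."""
    pending = set()                  # (remote_ip, local_port, txid) awaiting an answer
    unsolicited = defaultdict(int)   # bytes of unmatched responses per remote
    for direction, remote, port, txid, size in packets:
        key = (remote, port, txid)
        if direction == "out":
            pending.add(key)         # remember the query we really sent
        elif key in pending:
            pending.discard(key)     # a legitimate answer consumes its query
        else:
            unsolicited[remote] += size  # response to a query we never made
    # Ignore small volumes (late duplicates, retransmissions) below the threshold.
    return {ip: total for ip, total in unsolicited.items() if total >= min_bytes}


if __name__ == "__main__":
    for ip, total in sorted(find_reflected_responses(SAMPLE_PACKETS).items()):
        print(f"{ip}: {total} bytes of unsolicited DNS responses")
```

The flagged addresses are the third-party reflectors, not the attacker, which is why reflection conceals the attacker's identity.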
Connection-Oriented DDoS Attacks
A connection-oriented attack is one in which the attacker must first establish a connection prior to launching a DDoS attack. This type of attack usually affects server or web application security and resources. Examples include TCP and HTTP-based attacks.
Connectionless DDoS Attacks
A connectionless attack does not require the attacker to open a complete connection to the victim and is therefore much easier to launch. A connectionless attack affects network resources, causing denial of service before malicious packets can even reach the server. Examples include UDP floods, ICMP floods, and IGMP floods.
Protecting Against DDoS Network Attacks
During the seven network flood attacks described above, legitimate users trying to access a site will find the attacked site incredibly slow or unresponsive. These network flood attacks are simple yet extremely effective, so defending against them requires sophisticated DDoS mitigation and DDoS protection solutions.