Tuesday, March 3, 2020

Currently fashionable DDoS

First things first: here is a typical example of a DDoS we currently hear a lot about. More precisely, it is a DrDoS, a Distributed Reflection Denial of Service. Its 3 key parameters are the following:
UDP (User Datagram Protocol) spoofing
Amplification factor
Type of vector used

UDP spoofing

Spoofing is the cornerstone of this attack: it is what makes the attack anonymous.

UDP does not, strictly speaking, set up an exchange; it emits information without caring whether it will be correctly received. Thanks to this, the attacker stays anonymous and sends forged, “spoofed” packets. Spoofing consists in changing the source IP address of the packet (where it comes from), replacing the attacker's real IP address with that of the target.

DDoS attacks have been in the spotlight recently after popular security journalist Brian Krebs had his site taken offline by what at the time was the largest DDoS attack ever recorded by traffic volume. That particular attack was eye-opening, not just due to its size, but because it was powered by thousands of insecure IoT devices. It's no secret that Internet-connected devices have for years been sold with weak to nonexistent security and known default passwords that are never changed. This was, however, a moment where the risk posed by such devices was on clear display.

The answers to the spoofed packets thus go to the target, not to the attacker; this is the “reflection”, or bouncing, part of the attack.
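As an added example (not code from the original post): seen from the target, reflected traffic consists of UDP replies that answer no request the target ever sent. The sketch below flags such unsolicited replies in flow records; the record layout, the 30-second window, the source threshold and the sample addresses and ports are assumptions constructed for illustration.

```python
from collections import defaultdict

WINDOW = 30.0  # seconds a request stays "open" (assumed value)

def find_unsolicited(records, local_ip, window=WINDOW):
    """Return inbound UDP records that answer no request local_ip sent."""
    pending = {}  # (local_port, remote_ip, remote_port) -> time of last request
    unsolicited = []
    for rec in sorted(records):
        ts, src_ip, src_port, dst_ip, dst_port, _size = rec
        if src_ip == local_ip:    # outbound: remember the request
            pending[(src_port, dst_ip, dst_port)] = ts
        elif dst_ip == local_ip:  # inbound: must match a recent request
            sent = pending.get((dst_port, src_ip, src_port))
            if sent is None or ts - sent > window:
                unsolicited.append(rec)
    return unsolicited

def summarize_by_service(unsolicited):
    """Group unsolicited replies by source port: {port: (sources, bytes)}."""
    sources, volume = defaultdict(set), defaultdict(int)
    for _, src_ip, src_port, _, _, size in unsolicited:
        sources[src_port].add(src_ip)
        volume[src_port] += size
    return {port: (len(sources[port]), volume[port]) for port in sources}

def reflection_suspects(summary, min_sources=3):
    """Ports whose unsolicited replies come from many distinct sources."""
    return sorted(p for p, (n, _) in summary.items() if n >= min_sources)

# Constructed sample: (time, src_ip, src_port, dst_ip, dst_port, bytes)
VICTIM = "203.0.113.10"
SAMPLE = [
    (0.0, VICTIM, 40000, "198.51.100.53", 53, 60),   # genuine query
    (0.1, "198.51.100.53", 53, VICTIM, 40000, 120),  # its reply: solicited
    (1.0, "192.0.2.1", 123, VICTIM, 5555, 468),      # replies nobody asked for
    (1.1, "192.0.2.2", 123, VICTIM, 5555, 468),
    (1.2, "192.0.2.3", 123, VICTIM, 5555, 468),
    (1.3, "192.0.2.4", 53, VICTIM, 6000, 3000),      # lone unsolicited reply
]

if __name__ == "__main__":
    summary = summarize_by_service(find_unsolicited(SAMPLE, VICTIM))
    print(summary, reflection_suspects(summary))
```

Because the source address on the original request was forged, the addresses this reports are those of the reflecting servers, not of the attacker.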