g11436719719165

2020 2021 2022 2023 2024

The DDoS attacks can be broadly classified into two major categories – application layer attacks and protocol attacks.

Application layer attacks are launched using the application protocols such as HTTP and FTP, and since the OSI network mode puts these services on the seventh layer, they are also referred to as Layer-7 attacks. A DDoS on this layer can cause a two-fold impact on the target services by first flooding the available bandwidth, and second, by causing the server to consume computing resources serving the requests. This could be a simple URL request that is being sent to a Web server from a large number of sources. Legitimate users may then get a slow or no response at all. We will look at using the mod_evasive module for Apache Web Server to mitigate this kind of attack, later in this article.

Read more: technology engineer

The protocol layer attacks target the session (Layer 5) and transport (Layer 4) layer defined in the OSI network model. The attacks are typically manifested in ways that exploit the weaknesses in the protocol layer to exhaust the available connection limits. An example of such an attack is when TCP packets are sent to the target with a spoofed source address during the TCP handshake process. A spoofed source address causes the target system to send a response and wait for the next step to take place, which never happens. This causes the TCP layer to exhaust the number of connections available and prevents it from serving requests queued behind the spurious requests.

These attacks could be routed through the botnets. Since each bot in the botnet is a legitimate device, discerning a pattern in the incoming traffic could be next to impossible.

2020-04-24 16:41:14, views: 898, Comments: 0