DDoS Attack Types


The main feature of an HTTP flood is the sending of a large number of HTTP requests, each of which the web server has to process, generating an HTTP response for every request. The attacker therefore has a good chance of overloading the server, because the overhead of processing an HTTP request is quite high. This is a common type of DDoS attack that does not require special training or knowledge. There are many programs on the Internet that can generate a large number of HTTP requests.


The purpose of a SYN flood is to fill the queue of half-open TCP connections by sending a large number of SYN packets, usually from spoofed IP addresses. The server repeatedly sends its acknowledgement packet to an IP address that is not available and, like most operating systems, keeps the connection in the queue; only after another unsuccessful attempt to obtain confirmation does it close the connection. The system cannot serve connections from ordinary clients because the connection queue is occupied.


A UDP flood is aimed at filling the server's network channel. Most servers are connected to the Internet over a 100-megabit link, while the power of UDP attacks now reaches hundreds of gigabits per second. The mechanism is quite simple: a large number of large UDP packets is sent to the target server, clogging its channel. Cybercriminals resort to all sorts of tricks. For example, with the amplification technique, vulnerable DNS servers can be used to increase the size of the packets, thus increasing the overall capacity of the attack. Unfortunately, it is not possible to protect against this type of attack without special tools, because the network card receives the UDP packet in any case, before the firewall rules on the victim server are triggered.


In an ICMP flood, a huge number of fake ICMP packets from a wide range of IP addresses is sent to the target server. The main objective is to fill the channel and overload the victim's operating system with a stream of requests (for each ICMP request, the server generates an ICMP reply). As in the case of a UDP flood, the amplification technique can be used. The most popular program that uses this protocol is the well-known ping utility.