Attack
UDP flood is a network-based DoS attack carried out by sending large amounts of UDP packets to a remote host’s ports.
A DDoS attack carried out using fragmented packets with an offset, based on exploiting a TCP/IP stack vulnerability.
A DoS attack, a variant of UDP flood implemented by sending large amounts of forged VoIP packets from a wide range of IP addresses to a VoIP server, usually used by a call center. As a result, the server wastes too much of its resources trying to handle the bogus requests. Due to some aspects of UDP protocol, a VoIP flood attack can be very hard to detect.
An attack type that exploits vulnerabilities of the MC-SQLR protocol used for sending queries to Microsoft SQL Server. An overload of a victim’s link is achieved as a result of getting lists of all database instances stored on multiple public SQL servers (including those hosted by service and cloud providers), along with the information on how to connect to those instances. The data is provided in response to a stream of spoofed scripted requests containing the attacked node’s IP address, sent to those SQL servers.
A type of transport level amplification DDoS attack, similar to NTP amplification. The attack exploits vulnerabilities of the very old CharGEN character generator protocol, sending small packets with a spoofed victim IP address to devices supporting the protocol (such as printers, copying machines, etc.). The devices’ responses are sent as UDP packets to Port 19 of the victim server, causing it to waste too much resources trying to handle them.
A DDoS attack that exploits vulnerabilities of the SNMP network management protocol and resembles DNS amplification attacks.
A type of DoS attack exploiting vulnerabilities of Session Initiation Protocol (SIP) used in VoIP services and applications: a SIP server overload is achieved by sending it a flood of messages containing deliberately malformed data. Attacks of this kind generally result in disrupting normal operation of VoIP services.
A class of attacks involving an intermediary acting for its own benefit: after inserting itself between two parties exchanging data, a third participant receives unauthorized access to their traffic with the ability to do virtually anything with it. The intermediary makes effort to hide itself in order not to evoke any legitimate parties’ suspicions of breaching the privacy and integrity of their traffic.
A kind of DoS attack that is carried out by sending a large stream of packets with their Protocol field value set to zero.
This type of amplified DoS attacks exploit the way DNS services operate – a forged domain request is sent to a vulnerable DNS server, and its response, being of a significant size, is forwarded to a victim server, resulting in its link getting overwhelmed with the responses. This type of attack is distinctive in that it is almost impossible to detect where the forged requests come from.
A variant of UDP flood, a DoS attack targeting servers that use NTP (Network Time Protocol), a protocol for synchronizing computers’ internal clocks. An NTP server overload is achieved by sending multiple spoofed NTP requests from a large number of IP addresses.
A type of amplification attack exploiting features of Memcached system, which is widely used for in-memory caching of data in order to accelerate websites’ operation.