Web application firewall is designed to protect your web application from various types of attacks. WAF can be called “reverse-proxy” as it protects server’s data passing clients through itself before providing access to the resource.
An attack against a system aiming to cause it to stop providing a service – a flood of bogus requests made to the system causes its overload, making it unable to handle requests from legitimate users. Being cheap to implement and efficient, DoS attacks are often used for unfair competition and other illegal purposes.
A distributed DoS attack carried out simultaneously from a vast number of devices that attackers have taken control over, gaining the ability to send commands to generate floods of bogus requests. An attack of this kind can cause a denial of service to systems owned by a large enterprise or to an entire network.
A service allowing to host IT systems and resources (servers, websites, business applications, databases, content portals, virtual machines, etc.) at premises and on hardware managed by a hosting provider. Usually, the provider offers a reliable high-speed Internet connection along with technical support, physical/IT security, and data integrity services (backup, etc.) for the customer’s IT assets.
A type of hosting service where the customer is provided with a dedicated physical server connected to the Internet. Usually, the leased assets are used for the deployment of mission-critical and/or resource-intensive applications and websites. The service is often used for accelerated implementation of projects that are critical for the customer’s business and require significant IT resources.
A type of hosting service where the customer rents a virtual dedicated server or virtual private server (with the two terms having a similar meaning), deployed on hardware that is managed by a hosting provider. A virtual server is a virtual machine deployed on a physical server. The VM has server software installed that emulates the operation and resources of a separate physical server. Usually, a virtual dedicated server costs less than a conventional physical dedicated server. In addition, a VDS can be easily scaled whenever necessary.
A service for hosting the customer’s DNS zones. For a website to be discoverable on the Internet, its domain name must be included in the DNS. For that, a primary DNS server is required that contains the domain name record, as well as secondary DNS servers, which pass the domain name information along the network.
An HTTP request made to a web server in order to receive data needed by a web client. GET requests offer a way to transfer parameters, which is employed in a web services’ implementation widely used these days.
A TCP request for initiating a connection – step 1: a connection request from a client to a server (the client sends a TCP packet with the SYN flag set); step 2: server response (the client is sent a packet with SYN and ACK flags set); step 3: acknowledgment of the client’s readiness to establish the connection (the server is sent a packet with the ACK flag set). The connection is deemed to be established if all the 3 steps (the so-called TCP three-way handshake) have been successful.
A method to prevent SYN flood attacks by a TCP server’s responding in a special way to a client's request while establishing a connection with the former. This can decrease the load created by a SYN attack, although these days SYN cookies are not very efficient against real-world SYN attacks.
When the term is used in relation to popular protocols, it means a DDoS attack that exploits vulnerabilities previously unknown to security experts. If used when talking about popular software products, the term refers to security bugs of which their developers were previously unaware. Often, a DDoS-attack can be referred to as zero-day if it is implemented using brand new methods that were never used before.
A character-string based identifier (name) of an Internet domain. Domain names are intended to ease the designation of individual nodes and resources deployed on top of them from human readability viewpoint. All the Internet domains are unified by a hierarchy. A fully qualified domain name is a dot-separated series of domains, such as domain3.domain2.domain1, where domain1 is the topmost-level domain. The Domain Name System (DNS) ensures the matching between domain names and IP addresses.
A special device whose key function is to forward (route) network-level packets from one network segment to another using a set of rules specific to the network, and data contained in the routing table.
1) a flow of data through a specific node, network part or network as a whole; 2) the amount of data (the number of packets or amount of information) passing a given node, network part or entire network within a specified period of time.
A unique identifier of an individual network equipment unit, such as a NIC or Ethernet port, designating a sender or a recipient of an OSI network-level packet (frame). Usually MAC addresses are assigned by a manufacturer while producing equipment or components.
The size of a buffer used when receiving a packet. Essentially, this is the amount of data sent in one TCP packet. By default, TCP window size can be no more than 65535 bytes. With the window scale option, however, the window size value can be up to 1Gb.
A piece of data locally stored by a Web client, characterizing a user from the viewpoint of a server accessed by the user. Possible attributes that can be stored in a cookie include e-mail address, personal preferences and settings, session state data, stats, etc. When data is exchanged with a Web server without encryption, cookies could be intercepted and tampered with.
A database containing information about known vulnerabilities, including their descriptions and links to websites with additional info. The project is sponsored by the United States Computer Emergency Readiness Team (US CERT) and maintained by MITRE Corp. nonprofit
Using illegal ways of affecting computer networks or individual nodes in order to promote political causes. Hacktivists usually participate in protest movements and try to attract as much attention as possible to the ideas they stand for.
The use of a software intermediary (proxy) that processes traffic in a certain way for subsequent sending to another software program. Specifically, security proxies process traffic in such a way so as to prevent unauthorized traffic access and minimize the threat of network attacks.
A service that allows to deliver data of various nature and formats (images, videos, web pages, software distributions/patches, etc.) to a large number of users as fast as possible. CDNs help lower costs by freeing customers from the need to create resilient (including to DDoS attacks), reliable, and highly available IT infrastructure necessary for mass delivery of content to consumers.
A way to implement a DoS attack providing a manifold increase in impact on a victim server: a small number of bots initiate sending a huge amount of forged packets or requests, which severely slow down or paralyze the attacked server that tries to process them. The approach is used, e.g., in attacks based on the DNS and NTP protocols.
Malicious actions impacting web resources on the Internet. Attacks of this kind are usually classified into mass and targeted types. Attacks of the first type target a site as a whole and are usually automated. In mass attacks, attackers use their knowledge of popular tools and widespread vulnerabilities. Targeted attacks, on the other hand, are usually carried out by manually searching for vulnerabilities and exploiting them. The damage inflicted by an attack of this type can be fatal.
A widely used method to increase available bandwidth by 5% while staying within the selected payment plan, based on the way bandwidth is measured: first, during a month-long period, data transfer stats are collected, then 5% of the highest values are removed from further analysis, while the highest value from the rest is used as the basis for payment calculation.