Zero Day (0day DDoS) Attack

Post category:#Attacks

When the term is used in relation to popular protocols, it means a DDoS attack that exploits vulnerabilities previously unknown to security experts. When used in relation to popular software products, the term refers to security bugs of which their developers were previously unaware. Often, a DDoS attack is referred to as zero-day if it is implemented using brand-new methods that have never been used before.


Exploit

Post category:#Attacks

A piece of software code or module used for attacking vulnerable nodes in order to gain command and control over them, carry out a destructive action, or cause a denial of service.


Attack Amplification

Post category:#Attacks

A way to implement a DoS attack providing a manifold increase in impact on a victim server: a small number of bots initiate sending a huge amount of forged packets or requests, which severely slow down or paralyze the attacked server that tries to process them. The approach is used, e.g., in attacks based on the DNS and NTP protocols.


Smurf Attack

Post category:#Attacks

A Smurf attack is a type of DDoS attack that exploits the ICMP protocol and directs a stream of packets at the victim. At the start, large packets are created using a method called "spoofing". The intended result is to slow down the target system to such an extent that it becomes inoperable and vulnerable.


VoIP Flood

Post category:#Attacks

A DoS attack that is a variant of UDP flood, implemented by sending large amounts of forged VoIP packets from a wide range of IP addresses to a VoIP server, usually one used by a call center. As a result, the server wastes too much of its resources trying to handle the bogus requests. Due to some aspects of the UDP protocol, a VoIP flood attack can be very hard to detect.


MS SQL Reflection DDoS Attack

Post category:#Attacks

An attack type that exploits vulnerabilities of the MC-SQLR protocol used for sending queries to Microsoft SQL Server. An overload of a victim’s link is achieved as a result of getting lists of all database instances stored on multiple public SQL servers (including those hosted by service and cloud providers), along with the information on how to connect to those instances. The data is provided in response to a stream of spoofed scripted requests containing the attacked node’s IP address, sent to those SQL servers.
