Recursive HTTP GET flood

Post category:#Attacks

A type of DoS attack, a variant of HTTP flood where the attacker requests a number of pages from a web site, analyzes the responses and then recursively requests every object available at the site. As long as recursive requests created this way look legitimate, using the approach significantly lowers the probability of detecting the attack.

Read moreRecursive HTTP GET flood

HTTP Flood

Post category:#Attacks

A kind of DoS attack targeting web servers that uses bots to send multiple HTTP GET requests for accessing the largest site elements, which causes a great load on the server, leading to it being unable to process other requests. Aside from GET requests, similar results could be achieved by POST requests or some other HTTP-based actions. Attacks of this kind can often be very efficient as they do not require to use a large number of bots.

Read moreHTTP Flood

Slowloris (Session Attacks)

Post category:#Attacks

A type of DoS attacks targeting streaming web servers – the attacker tries to establish many HTTP connections with the targeted server and keep them open as long as possible by sending partial requests and HTTP headers, with the requests never completing. With the server keeping the connections open, its pool of simultaneous connections eventually maxes out, so the server begins to refuse further connections to clients.

Read moreSlowloris (Session Attacks)

RST/FIN Flood

Post category:#Attacks

DoS attacks against TCP servers that exploit vulnerabilities in TCP-SYN session closure: a server overload is achieved by sending a flood of forged RST or FIN packets.

Read moreRST/FIN Flood

SYN/ACK Flood

Post category:#Attacks

SYN/ACK flood is a type of DoS attack targeting TCP servers that involves sending spoofed packets with both SYN and ACK flags set, which causes a server overload.

Read moreSYN/ACK Flood