SIP Malformed Attack

Post category:#Attacks

A type of DoS attack that exploits vulnerabilities of the Session Initiation Protocol (SIP), which is used in VoIP services and applications: a SIP server is overloaded by sending it a flood of messages containing deliberately malformed data. Attacks of this kind generally disrupt the normal operation of VoIP services.

SYN Flood, or SYN Attack

A variant of DoS attack implemented at the TCP protocol level: during the attack, a victim node is overloaded by sending it a large number of TCP SYN segments (usually, a node is unable to handle more than several thousand such segments at once). Attacks of this kind are highly efficient.

MITM (Man-in-the-Middle) Attack

A class of attacks involving an intermediary acting for its own benefit: after inserting itself between two parties exchanging data, a third participant gains unauthorized access to their traffic, with the ability to do virtually anything with it. The intermediary tries to stay hidden so that the legitimate parties do not suspect that the privacy and integrity of their traffic have been breached.

IP Null Attack

A kind of DoS attack that uses IP protocol features: a victim server is sent a large stream of packets with the Protocol field value set to zero (usually, the field contains the code of the transport-level protocol, except for IPv6 packets). As a result, the server wastes its resources trying to process the packets correctly.

DNS Amplification

This type of amplified DoS attack exploits the way DNS services operate: a forged domain request is sent to a vulnerable DNS server, and its response, being of a significant size, is forwarded to a victim server, so that the victim's link is overwhelmed with the responses. This type of attack is distinctive in that it is almost impossible to detect where the forged requests come from.

NTP Flood

A variant of UDP flood, a DoS attack targeting servers that use NTP (Network Time Protocol), a protocol for synchronizing computers’ internal clocks. An NTP server overload is achieved by sending multiple spoofed NTP requests from a large number of IP addresses.

Recursive HTTP GET flood

A type of DoS attack, a variant of HTTP flood in which the attacker requests a number of pages from a website, analyzes the responses and then recursively requests every object available on the site. As long as recursive requests created this way look legitimate, this approach significantly lowers the probability of the attack being detected.

HTTP Flood

A kind of DoS attack targeting web servers that uses bots to send multiple HTTP GET requests for the largest site elements, which puts a heavy load on the server and leaves it unable to process other requests. Aside from GET requests, similar results can be achieved with POST requests or some other HTTP-based actions. Attacks of this kind can often be very efficient, as they do not require a large number of bots.
