Thursday, August 20, 2015

"Reflective Denial of Service Attacks" explained by CERT


US-Cert in Pittsburgh has released a new warning about “UDP-Based Amplification Attacks”, also called “Distributed Reflective Denial of Service” (DRDoS) attacks.  These attacks are based on connection-less protocols that don’t validate source IP addresses.

CERT recommends that ISP’s not permit these kinds of connections or offer them.  But they may have become more common as ISP’s have started offering almost limitless bandwidth and disk space to small customers. 

These attacks could be a problem for smaller ISP’s (less common today than in the late 90s) or for those who run their own connections. 



Update: March 29, 2016

Any casual perusal of YouTube shows many videos on how to conduct DDOS.  Many of them require some scripting command language knowledge.  I'm a little surprised that their presence doesn't violate YouTube TOS, or maybe I'm not surprised.  There is mention of Anonymous and trying to attack ISIS on the Dark Web, too.  

No comments: