
Detect & Mitigate your Business risks with our DDoS Protection service

What is DDoS?

A Denial-of-Service (DoS) attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting its services. The attacker floods the targeted network or machine with superfluous requests to overload systems and prevent legitimate requests from being fulfilled. In a Distributed Denial-of-Service (DDoS) attack, the traffic flooding the victim originates from many different compromised sources/machines, collectively called a botnet.

Protection in The Cloud

Protection against high volumetric attacks.

On-premise Protection

Protection against stealthy application layer attacks.

Multi-layer Defense

Protection against the full spectrum of DDoS attacks.

Different Types of DDoS Attacks

Volumetric DDoS Attacks

Volumetric attacks attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.





TCP State-Exhaustion DDoS Attacks

TCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves.




Application Layer DDoS Attacks

Application Layer attacks target some aspect of an application or service at Layer 7. These are the deadliest kind of attack, as they can be very effective with as few as one attacking machine generating a low traffic rate, which makes them very difficult to proactively detect and mitigate.



Volumetric DDoS Attacks

Volumetric DDoS attacks are designed to overwhelm internal network capacity, and even centralized DDoS mitigation scrubbing facilities, with very high volumes of malicious traffic. These DDoS attacks attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet.

What Are the Different Types of Volumetric DDoS Attacks?

Volumetric DDoS attacks are typically launched against a specific target, usually critical Service Provider (SP) services or enterprise customers. Highly skilled attackers tend to combine volumetric DDoS attacks with application layer attacks to hide the more focused application-level attacks, which do the real damage. These types of DDoS attacks take advantage of vulnerable services like memcached, NTP, DNS and SSDP, launching spoofed queries which flood the destination with large reply packets, filling up links and, in many cases, causing the target network infrastructure to collapse.

Common volumetric attacks might include:
  • ICMP Flood
  • IP/ICMP Fragmentation
  • IPSec Flood
  • UDP Flood
  • Reflection Amplification Attacks
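
A detection sketch for the reflection pattern described above, added here as an illustration and not part of the original page or of any Omantel product: it sums UDP replies arriving from the reflector ports (DNS, NTP, SSDP, memcached) that do not answer any query the destination sent. The flow-record layout, the sample records and the byte threshold are assumptions.

```python
from collections import defaultdict

# UDP source ports of the services the page names as reflectors.
REFLECTOR_PORTS = {53: "DNS", 123: "NTP", 1900: "SSDP", 11211: "memcached"}

# Constructed flow records: (proto, src_ip, src_port, dst_ip, dst_port, bytes).
# All addresses come from the RFC 5737 documentation ranges.
SAMPLE_FLOWS = [
    ("udp", "192.0.2.10", 40000, "198.51.100.53", 53, 80),    # our own DNS query
    ("udp", "198.51.100.53", 53, "192.0.2.10", 40000, 300),   # its solicited reply
    ("udp", "203.0.113.5", 11211, "192.0.2.10", 31337, 140000),
    ("udp", "203.0.113.6", 11211, "192.0.2.10", 31337, 150000),
    ("udp", "203.0.113.7", 123, "192.0.2.10", 4444, 48000),
    ("tcp", "203.0.113.9", 53, "192.0.2.10", 5555, 9000),     # not UDP, ignored
]


def unsolicited_reflection(flows):
    """Sum UDP reply bytes from reflector ports that answer no query we sent."""
    # Every (client, client_port, server, server_port) that was really queried.
    queried = {(s, sp, d, dp) for proto, s, sp, d, dp, _ in flows
               if proto == "udp" and dp in REFLECTOR_PORTS}
    totals = defaultdict(lambda: {"bytes": 0, "sources": set()})
    for proto, src, sport, dst, dport, nbytes in flows:
        if proto != "udp" or sport not in REFLECTOR_PORTS:
            continue
        if (dst, dport, src, sport) in queried:
            continue  # reply to a genuine outbound query
        entry = totals[(dst, REFLECTOR_PORTS[sport])]
        entry["bytes"] += nbytes
        entry["sources"].add(src)
    return totals


def alerts(flows, byte_threshold=100_000):
    """Return sorted (destination, service, bytes, source_count) over threshold."""
    return sorted(
        (dst, svc, t["bytes"], len(t["sources"]))
        for (dst, svc), t in unsolicited_reflection(flows).items()
        if t["bytes"] >= byte_threshold
    )


if __name__ == "__main__":
    for victim, service, nbytes, nsrc in alerts(SAMPLE_FLOWS):
        print(f"{victim}: {nbytes} unsolicited {service} bytes from {nsrc} sources")
```
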

TCP State-Exhaustion DDoS Attacks

State-exhaustion DDoS attacks are primarily focused on taking down services or the underlying network infrastructure responsible for delivering content to end users. This might involve an attacker targeting DNS name servers with invalid name queries, increasing the load on the DNS infrastructure itself and disrupting service: users can no longer connect because DNS names cannot be resolved to IP addresses. This DDoS attack vector was used in the Dyn attack in 2016, which resulted in major websites like Amazon, Twitter, GitHub and others becoming unavailable. The attacker might also target Transport Layer Security (TLS) endpoints, leaving legitimate users unable to connect to the services. As the name suggests, these DDoS attacks target stateful devices such as Next Gen Firewalls with the intention of filling TCP state tables with bogus connections. These DDoS attacks are typically employed by determined attackers who monitor and adjust their attacks for maximum impact.


Such DDoS attacks are usually low-to-mid volume since they have to conform to the protocol the application itself is using, which often involves protocol handshakes and protocol/application compliance. This means that these attacks will primarily be launched using discrete intelligent clients, usually IoT devices, and cannot be spoofed.


What Are the Different Types of State-Exhaustion DDoS Attacks?

State-exhaustion DDoS attacks typically target the edge load balancers, firewalls, and stateful traffic inspection services of publicly-exposed services by stressing the scale of the Transmission Control Protocol (TCP) state machine of these devices. These DDoS attacks can easily overwhelm even large-scale enterprise services, but present as much lower overall bandwidth attacks (typically less than 10-20 gigabits per second), so they are not normally considered a direct threat to the network provider’s infrastructure. State-exhaustion DDoS attacks cannot be mitigated in stateless edge router infrastructures.

Common state-exhaustion attacks might include:
  • SYN Flood
  • SSL/TLS Exhaustion
  • DNS Query/NXDOMAIN Flooding
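
To make the state-table pressure described above concrete, the following added example (not from the original page) replays a constructed packet trace through a toy TCP state table and reports how many half-open entries a stateful device would hold at peak. The event format, the table size of 256 and both timeout values are assumptions chosen for illustration.

```python
def half_open_stats(events, syn_timeout_ms=30_000):
    """Replay (ms, src, sport, dst, dport, flag) events through a toy state table.

    Returns (peak_half_open, completed, expired) as a stateful device would see.
    """
    half_open = {}                       # 4-tuple -> arrival time of the SYN
    peak = completed = expired = 0
    for ts, src, sport, dst, dport, flag in sorted(events):
        # Age out embryonic entries that never saw the final ACK.
        for key in [k for k, t0 in half_open.items() if ts - t0 > syn_timeout_ms]:
            del half_open[key]
            expired += 1
        key = (src, sport, dst, dport)
        if flag == "SYN":
            half_open.setdefault(key, ts)
        elif flag == "ACK" and key in half_open:
            del half_open[key]           # handshake finished, entry is established
            completed += 1
        peak = max(peak, len(half_open))
    return peak, completed, expired


def build_sample():
    """Constructed trace: 3 normal handshakes, then 200 SYNs that never complete."""
    vip = ("192.0.2.10", 443)            # documentation address, hypothetical service
    events = []
    for i in range(3):
        client = ("198.51.100.%d" % (i + 1), 50000 + i)
        events.append((i * 1000, *client, *vip, "SYN"))
        events.append((i * 1000 + 50, *client, *vip, "ACK"))
    for i in range(200):                 # one SYN every 5 ms, no ACK ever follows
        events.append((5000 + i * 5, "203.0.113.%d" % (i + 1), 1024 + i, *vip, "SYN"))
    events.append((60_000, "198.51.100.9", 50009, *vip, "SYN"))
    return events


def exhaustion_risk(events, table_size, syn_timeout_ms=30_000):
    """Fraction of the table filled at peak, and share of SYNs never completed."""
    peak, completed, expired = half_open_stats(events, syn_timeout_ms)
    return {"table_fill": peak / table_size,
            "never_completed": expired / max(1, completed + expired)}


if __name__ == "__main__":
    print(half_open_stats(build_sample()))          # default 30 s SYN timeout
    print(half_open_stats(build_sample(), 500))     # aggressive 0.5 s timeout
    print(exhaustion_risk(build_sample(), table_size=256))
```

On this trace the 30-second timeout lets all 200 bogus entries coexist, while a 0.5-second timeout caps the table at 101 half-open entries for the same traffic.
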

Application Layer DDoS Attacks

Application layer DDoS attacks are designed to attack the application itself, focusing on specific vulnerabilities or issues, so that the application can no longer deliver content to the user. They target specific applications: web servers are the most common, but any application can be targeted, such as SIP voice services and BGP.


Such DDoS attacks are usually low-to-mid volume since they have to conform to the protocol the application is using, which often involves protocol handshakes and protocol/application compliance. This means that these DDoS attacks will primarily be launched using discrete intelligent clients, usually Internet of Things (IoT) devices, and cannot be spoofed.


What Are the Different Types of Application Layer DDoS Attack?

When looking at DDoS trends over time, attacks are cyclical in nature. Attackers develop new DDoS attack types and vectors, which are used to launch a new wave of attacks. As defenders become more proficient in stopping these new DDoS attacks, the attackers develop new types of attacks and the cycle repeats itself.


The proliferation of insecure IoT devices in recent years has been a boon to the DDoS attackers as there are now a nearly unlimited number of intelligent devices which can be used to launch more advanced application layer attacks.


Common application layer attacks might include:
  • Slowloris
  • Slow Post
  • Slow read
  • HTTP(/s) Flooding
  • Low and Slow Attack
  • Large Payload POST
  • Mimicked User Browsing

Are you interested in DDoS?

Our team is happy to answer your sales queries. Send us an inquiry and we will be in touch shortly.
