jiakuanghe.github.io

DDoS

Intro

Denial-of-service attack - Wikipedia

In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

CC Attack

A Challenge Collapsar (CC) attack is an attack where standard HTTP requests are sent to a targeted web server frequently. The Uniform Resource Identifiers (URIs) in the requests require complicated time-consuming algorithms or database operations which may exhaust the resources of the targeted web server.[60][61][62]

In 2004, a Chinese hacker nicknamed KiKi invented a hacking tool to send these kinds of requests to attack an NSFOCUS firewall named Collapsar, and thus the hacking tool was known as Challenge Collapsar, or CC for short. Consequently, this type of attack got the name CC attack.[63]
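
A defender-side view of the request pattern described above, as an added example that is not part of the original page: because CC traffic is made of standard HTTP requests, this detector weights each request by an assumed cost for its URI and flags clients whose total cost inside a sliding window exceeds a budget. The log format, the COST table, the thresholds and the sample lines are all constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime

# Assumed (hypothetical) per-path cost weights: endpoints that trigger heavy
# database or compute work count more than static assets.
COST = {"/search": 5, "/report/export": 8}
DEFAULT_COST = 1


def parse(line):
    """Parse a constructed 'ISO-timestamp client-ip METHOD uri' log line."""
    ts, ip, _method, uri = line.split()
    path = uri.split("?", 1)[0]          # cost is keyed on the path, not the query
    return datetime.fromisoformat(ts), ip, path


def detect_cc(lines, window_s=10, budget=40):
    """Return {ip: peak_cost} for clients whose summed request cost within a
    sliding window of window_s seconds exceeds budget. Lines must be in
    chronological order."""
    recent = defaultdict(deque)          # ip -> deque of (timestamp, cost)
    running = defaultdict(int)           # ip -> cost currently inside the window
    flagged = {}
    for line in lines:
        ts, ip, path = parse(line)
        cost = COST.get(path, DEFAULT_COST)
        q = recent[ip]
        q.append((ts, cost))
        running[ip] += cost
        # Evict requests that have fallen out of the window.
        while (ts - q[0][0]).total_seconds() > window_s:
            running[ip] -= q.popleft()[1]
        if running[ip] > budget:
            flagged[ip] = max(flagged.get(ip, 0), running[ip])
    return flagged


# Constructed sample: one client hits the expensive /search endpoint once per
# second for 12 s; another fetches a cheap static file once per second for 30 s.
SAMPLE = [f"2024-01-01T12:00:{s:02d} 198.51.100.7 GET /search?q=a{s}" for s in range(12)]
SAMPLE += [f"2024-01-01T12:00:{s:02d} 203.0.113.9 GET /static/app.js" for s in range(30)]
SAMPLE.sort()                            # timestamp is the first field

if __name__ == "__main__":
    print(detect_cc(SAMPLE))
```

The client with the larger request count stays under the budget, while the one sending fewer but costlier requests is flagged, which is the distinction a pure request-rate limit does not make.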

ICMP Attack

Internet Control Message Protocol (ICMP) flood

A smurf attack relies on misconfigured network devices that allow packets to be sent to all computer hosts on a particular network via the broadcast address of the network, rather than a specific machine. The attacker will send large numbers of IP packets with the source address faked to appear to be the address of the victim.[64] Most devices on a network will, by default, respond to this by sending a reply to the source IP address. If the number of machines on the network that receive and respond to these packets is very large, the victim’s computer will be flooded with traffic. This overloads the victim’s computer and can even make it unusable during such an attack.[65]

Ping flood is based on sending the victim an overwhelming number of ping packets, usually using the ping command from Unix-like hosts.[a] It is very simple to launch, the primary requirement being access to greater bandwidth than the victim.

Ping of death is based on sending the victim a malformed ping packet, which will lead to a system crash on a vulnerable system.

The BlackNurse attack is an example of an attack taking advantage of the required Destination Port Unreachable ICMP packets.

Cloudflare

Cloudflare, Inc. is an American company that provides content delivery network services, cloud cybersecurity, DDoS mitigation, and ICANN-accredited[3] domain registration services.[4][5][6] Cloudflare’s headquarters are located in San Francisco, California.[4] According to The Hill, it is used by more than 20 percent of the Internet for its web security services as of 2022.[7]

CDN (Content delivery network)

Content delivery network - Wikipedia

A content delivery network, or content distribution network (CDN), is a geographically distributed network of proxy servers and their data centers.
