💥 Distributed DoS Attacks and Botnets 9.2.3

10 Terms

Distributed DoS (DDoS) Attack

An attack launched simultaneously by multiple hosts to consume network bandwidth or cause resource exhaustion on a target.

SYN Flood Attack

A DDoS attack that exploits the TCP three-way handshake by spoofing the client's IP and withholding the final ACK packet to fill the server's pending connection queue.

TCP Three-Way Handshake exploited in SYN Flood

SYN (Client) $\rightarrow$ SYN/ACK (Server) $\rightarrow$ ACK (Client). The ACK is withheld.

Distributed Reflection DoS (DRDoS) / Amplification Attack

The adversary spoofs the victim's IP and uses multiple servers (reflectors) to direct their responses (amplified traffic) to the victim server.

Common protocols abused for Amplification Attacks

DNS (Domain Name System) and NTP (Network Time Protocol).

Advantage of DNS Amplification

The small initial request is amplified because the large response includes a lot of information, overwhelming the victim's bandwidth.

Botnet

A group of compromised hosts (zombies) used to launch DDoS and DRDoS attacks under centralized control.

Handler / Herder

A compromised machine that a threat actor uses to compromise and manage hundreds or thousands of zombie hosts.

Command and Control (C2 or C&C) Network

The network established between the handlers and the bots used to trigger simultaneous attacks.

IoT Botnet

A botnet composed of compromised Internet-enabled devices such as SOHO routers, webcams, or smart TVs.