Notes

Ping of Death
Ping of death (”POD”) is a denial of service attack that manipulates IP protocol by sending packets larger than the maximum byte allowance, which under IPv4 is 65,535 bytes. Large packets are divided across multiple IP packets — called fragments — and once reassembled create a packet larger than 65,535 bytes. The resulting behemoth packet causes servers to reboot or crash

Reflected Attack
A reflected attack is where an attacker creates forged packets that will be sent out to as many computers as possible. When these computers receive the packets they will reply, but the reply will be a spoofed address that actually routes to the target. All of the computers will attempt to communicate at once and this will cause the site to be bogged down with requests until the server resources are exhausted.

Application Level Attacks
Application level attacks target areas that have more vulnerabilities. Rather than attempt to overwhelm the entire server, an attacker will focus their attack on one — or a few — applications. Web-based email apps, WordPress, Joomla, and forum software are good examples of application specific targets.
..........................................................................
Volume based attacks — Includes UDP floods, ICMP floods, and other spoofed-packet floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps).
Protocol Attacks — Includes SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and more. This type of attack consumes actual server resources, or those of intermediate communication equipment, such as firewalls and load balancers, and is measured in packets per second (Pps).
Application Layer Attacks — Includes low-and-slow attacks, GET/POST floods, attacks that target Apache, Windows or OpenBSD vulnerabilities and more. Comprised of seemingly legitimate and innocent requests, the goal of these attacks is to crash the web server, and the magnitude is measured in Requests per second (Rps).
,..................................................................................

The most common types of DDoS Attacks:
UDP Flood
ICMP (Ping) Flood
SYN Flood
Ping of Death (POD)
HTTP Flood
UDP Flood
Image for post
UDP Flood Attack
Simply put, DDoS attackers send highly-spoofed UDP (user datagram protocol) packets at a very high packet rate using a large source IP range.
ICMP Flood
Image for post
SMURF ICMP Flood Attack
Internet Control Message Protocol (ICMP) flood attack, is a common Denial-of-Service (DoS) attack in which an attacker attempts to overwhelm a targeted device with ICMP echo-requests (pings).
SYN Flood
Image for post
SYN flood is a form of DoS attack in which attackers send many SYN requests to a victim’s TCP port, but the attackers have no intention to finish the 3-way handshake procedure. Attackers either use spoofed IP address or do not continue the procedure. Through this attack, attackers can flood the victim’s queue that is used for half-opened connections, i.e. the connections that has finished SYN, SYN-ACK, but has not yet gotten a final ACK back.
Ping of Death (POD)
Image for post
A ping of death (short POD) is a denial of service attack on a computer that uses a malicious ping to crash the target computer. This malicious ping is created by sending an IP packet larger than 65,536 bytes which are allowed by the IP protocol.
HTTP Flood
Image for post
An HTTP flood attack is a type of Layer 7 application attack that utilizes the standard valid GET/POST requests used to fetch information, as in typical URL data retrievals (images, information, etc.) during SSL sessions. An HTTP GET/POST flood is a volumetric attack that does not use malformed packets, spoofing or reflection techniques.