DDoS amplification attacks by Memcached

DDoS amplification attack

What is DDoS amplification attack?

These attacks usually use the UDP protocol, a simple connectionless communication model with a minimum of protocol mechanism. This means that one side of the communication can send a large amount of data to the other without restrictions and without any confirmation, regardless of whether the other side receives the data.

Due to the way the UDP protocol works, cyber-criminals use it to generate DDoS amplification attacks. The attacker sends a small UDP request with a spoofed IP address of the victim to public services.

The UDP protocol doesn't require connection verification between the parties. This is why the public services reply with the requested data to the IP address of the victim. The larger the data returned by the exploited public service, the larger the DDoS amplification factor.

In the past few years, hackers have exploited many public DNS resolvers and NTP servers to generate massive DDoS attacks against popular websites and services.
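Seen from the victim's network, the reflection described above shows up as large UDP replies from DNS, NTP or Memcached servers that no internal host ever queried. The following sketch is an added example, not code from the original article; the flow-record field names, the byte threshold and the sample flows are assumptions made for illustration, and the ports are the services' default UDP ports.

```python
from collections import defaultdict

# Default UDP ports of the services the article names as reflectors.
REFLECTOR_PORTS = {53: "dns", 123: "ntp", 11211: "memcached"}

def find_reflected_traffic(flows, protected_ips, min_bytes=100_000):
    """Summarise unsolicited UDP replies aimed at protected hosts.

    A reply counts as unsolicited when the protected host did not send a
    request to that server and port earlier in the capture, which is what
    the victim of a spoofed-source request observes.
    """
    requested = set()  # (client, server, server_port) we really queried
    stats = defaultdict(lambda: {"bytes": 0, "reflectors": set()})
    for f in sorted(flows, key=lambda f: f["ts"]):
        if f["proto"] != "udp":
            continue
        if f["src"] in protected_ips and f["dport"] in REFLECTOR_PORTS:
            requested.add((f["src"], f["dst"], f["dport"]))
        elif f["dst"] in protected_ips and f["sport"] in REFLECTOR_PORTS:
            if (f["dst"], f["src"], f["sport"]) in requested:
                continue  # answer to our own query, not reflection
            entry = stats[(f["dst"], REFLECTOR_PORTS[f["sport"]])]
            entry["bytes"] += f["bytes"]
            entry["reflectors"].add(f["src"])
    # Report only victim/service pairs whose unsolicited volume is significant.
    return {k: v for k, v in stats.items() if v["bytes"] >= min_bytes}

def flow(ts, src, sport, dst, dport, nbytes, proto="udp"):
    """Build one flow record in the (assumed) format used above."""
    return {"ts": ts, "proto": proto, "src": src, "sport": sport,
            "dst": dst, "dport": dport, "bytes": nbytes}

# Constructed sample flows (documentation address ranges, not real traffic).
SAMPLE_FLOWS = [
    flow(1, "192.0.2.10", 40000, "198.51.100.53", 53, 60),       # our DNS query
    flow(2, "198.51.100.53", 53, "192.0.2.10", 40000, 300),      # its answer
    flow(3, "203.0.113.1", 11211, "192.0.2.10", 51000, 60_000),  # unsolicited
    flow(4, "203.0.113.2", 11211, "192.0.2.10", 51000, 70_000),  # unsolicited
    flow(5, "203.0.113.9", 123, "192.0.2.10", 51000, 500),       # below threshold
]

if __name__ == "__main__":
    hits = find_reflected_traffic(SAMPLE_FLOWS, {"192.0.2.10"})
    for (victim, service), s in hits.items():
        print(victim, service, s["bytes"], sorted(s["reflectors"]))
```

The solicited DNS answer is ignored because a matching outbound query exists, while the Memcached replies are reported because nothing inside the network asked for them.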

DDoS attacks and how to protect ourselves

DDoS attacks are a widespread threat on the internet. With the continually increasing number of connected devices and new, innovative ways of hacking them, we can't just stand by and wait to be affected. We should implement our DNS infrastructure smartly and choose a trusted DNS provider to stay safe and avoid downtime of our services.
But to be protected, we must know the danger.

DDoS attack

DDoS attack (denial-of-service attack): there are a few different types, but in general, a DDoS attack is an attempt to overwhelm the target (a computer, a few connected computers or a whole DNS network) with high traffic from multiple sources.
