Are You Covered? Here’s a DDoS Checklist to Help You Find Out

Every day at Radware we have customers and prospects asking us about the key determinants in sourcing and testing a DDoS protection service.

  • What are the major considerations I should be covering for DDoS?
  • How do I know if I’m covering my bases?
  • What are the key cyber-attack vectors that I should concern myself with?
  • What are the technical vectors included in multi-vector cyber-attacks?

During a recent media interview, I was asked similar questions, but specifically about cyber-attack risks that threaten ATMs and POS systems – an issue worth investigating considering the looming Windows XP support changes. Just last week, the Federal Financial Institutions Examination Council (FFIEC) issued a statement to notify financial institutions about potential DDoS attacks associated with cyber-attacks on Automated Teller Machine (ATM) and card authorization systems and the continued distributed denial of service (DDoS) attacks on public-facing websites. The statement also describes steps that the members expect institutions to take to protect themselves from these potential attacks and it highlights resources that institutions can use to help mitigate risks.

Our team worked together to provide the quick checklist below to help you see how (and if!) you are covering the cyber-attack threats facing your environment. It can help you to identify types of DDoS attacks, threats, targets and techniques. We hope you find it useful and please feel free to reach out and ask us any questions.

| DDoS Threats | Attack Type | Attacking Target | Detection (Yes? No?) | Mitigation (Yes? No?) |
|---|---|---|---|---|
| SYN Floods | TCP Out-of-State Flood | | | |
| | ACK Floods | | | |
| | Garbage Floods | | | |
| | Request Floods | | | |
| | Packet Anomalies Flood | | | |
| HTTP Floods | Get Requests | | | |
| | Post Requests – Variable Values | | | |
| | Invasive HTTP Vertical Scanning | | | |
| | Invasive HTTP Horizontal Scanning | | | |
| | Put Requests | | | |
| | Search Engine Floods | | | |
| UDP Floods (Non DNS) | UDP Floods (Non DNS) | ICMP Echo Request (Ping) Flood | | |
| SSL Computing | SSL renegotiation | SSL vulnerability | | |
| | SSL traffic | HTTPS flooding | | |
| | SSL handshake | Computation power | | |
| HTTP (Get/Post) Flood Attack | HTTP Get/Post Flooding | Bandwidth | | |
| | | Processing Power | | |
| | HTTP vulnerability | Protocol / RFC | | |
| Slow Rate Attacks (AKA RUDY or R-U-Dead-Yet) | Slow HTTP Post requests | Processing Power | | |
| | | Connections / Sessions | | |
| | | Memory | | |
| Partial data / transaction attack | Application data integrity | Application security control weakness | | |
| SMTP flood | Application data integrity | Application security control weakness | | |
| FTP flood | Application data integrity | Application security control weakness | | |
| DNS Threat | DNS traffic | DNS volumetric attacks | | |
| | | DNS spoofing attacks | | |
| | | DNS amplification and reflection | | |
| | Protocol flaw | DNS ID hacking | | |
| | | DNS cache poisoning | | |
| | | DNS root server attacks | | |
| SIP / UCS Attacks | Protocol flaw | SIP Protocol Anomaly Attack | | |
| SQL Injection | Code injection | SQL database | | |
| Attack Techniques | | | | |
| Volumetric attacks | HashDoS | | | |
| | TCP/UDP/ICMP Flood | | | |
| | SYN/Push/ACK Flood | | | |
| | Malformed DNS queries / packets | | | |
| | High volume properly formatted DNS queries | | | |
| | DNS amplification / reflection attacks | | | |
| RFC/Compliance Attacks | HashDoS | | | |
| | Apache Killer | | | |
| Compute Intensive Attacks | Slowloris | | | |
| | SlowPost | | | |
| | New variant – Slow Read | | | |
| | Valid but CPU/memory intensive web/database requests | | | |
| Brute Force Attacks | Zone Enumeration / Dictionary Attacks – DNS Brute Force | | | |
| | Invalid Website Input Parameters Attack | | | |
| | Search Engine Request Attacks | | | |
| | HTTP Brute Force | | | |
| Buffer Overflow Attacks | Buffer Overflow DNS | | | |
| Anti-Automation Attacks | | | | |
| Other Attacks | HTTP Get Flood | | | |
| | LOIC or Variants | | | |
| | HOIC or Variants | | | |
| | HTTP Post Flood | | | |
| | nkiller2 (TCP Persist) | | | |
| | SIP Call-Control Flood | | | |
| | THC | | | |
| | Recoil | | | |
| | Rudy | | | |
| | Hulk | | | |
| | XerXes DoS | | | |
| | #RefRef DoS | | | |

 


3 COMMENTS

  1. A refreshing change from similar articles with little substance – this is actually of some use to a practitioner. Excellent document.
