DDoS attacks abusing exposed LDAP servers on the rise

Each DDoS (distributed denial-of-service) attack seems to be larger than the last, and recent advisories from Akamai and Ixia indicate that attackers are stepping up their game. As attackers expand their arsenal of reflection methods to target CLDAP (Connection-less Lightweight Directory Access Protocol) and BIND, expect to see even larger attacks this year.

Reflection attacks abuse legitimate protocols, such as NTP (Network Time Protocol), DNS (Domain Name System), and SNMP (Simple Network Management Protocol), to produce large amounts of attack bandwidth. Attackers send a request to a third-party server using a spoofed IP address, and the server sends back a response that is typically much larger than the request. Since the IP address is spoofed, the response doesn’t go to the original requester, but to the unsuspecting victim. Instead of building large botnets of millions of compromised hosts to launch a large attack, attackers can use a smaller number of systems to target exposed third-party servers.
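On the receiving network, reflected traffic shows up as UDP replies from these service ports that no local host asked for. The following is an added example, not code from the article: it flags such unsolicited replies in flow records. The record layout, function name, and sample flows are assumptions constructed for illustration.

```python
from collections import defaultdict

# UDP service ports of the protocols named in the article.
REFLECTOR_PORTS = {53: "DNS", 123: "NTP", 161: "SNMP", 389: "CLDAP"}

# Constructed sample flows: (src_ip, src_port, dst_ip, dst_port, bytes).
# All addresses are from the RFC 5737 documentation ranges.
SAMPLE_FLOWS = [
    ("192.0.2.10", 40000, "198.51.100.53", 53, 70),    # local host queries DNS
    ("198.51.100.53", 53, "192.0.2.10", 40000, 300),   # solicited answer
    ("203.0.113.5", 389, "192.0.2.20", 33000, 3000),   # CLDAP reply, no request
    ("203.0.113.6", 389, "192.0.2.20", 33001, 2900),   # CLDAP reply, no request
    ("203.0.113.7", 123, "192.0.2.20", 33002, 440),    # NTP reply, no request
    ("203.0.113.8", 8080, "192.0.2.20", 33003, 500),   # not a reflector port
]


def unsolicited_responses(flows, local_hosts):
    """Return {(victim, protocol): (total_bytes, distinct_sources)} for
    replies from reflector ports that no local host requested."""
    # Pass 1: remember every request a local host sent to a reflector port.
    requested = set()
    for src, sport, dst, dport, _ in flows:
        if src in local_hosts and dport in REFLECTOR_PORTS:
            requested.add((src, sport, dst, dport))

    # Pass 2: a reply is unsolicited when its reversed 4-tuple was never sent.
    totals = defaultdict(lambda: {"bytes": 0, "sources": set()})
    for src, sport, dst, dport, size in flows:
        if dst not in local_hosts or sport not in REFLECTOR_PORTS:
            continue
        if (dst, dport, src, sport) in requested:
            continue
        entry = totals[(dst, REFLECTOR_PORTS[sport])]
        entry["bytes"] += size
        entry["sources"].add(src)
    return {key: (v["bytes"], len(v["sources"])) for key, v in totals.items()}


if __name__ == "__main__":
    hosts = {"192.0.2.10", "192.0.2.20"}
    for (victim, proto), (nbytes, nsrc) in unsolicited_responses(SAMPLE_FLOWS, hosts).items():
        print(f"{victim}: {nbytes} unsolicited {proto} bytes from {nsrc} source(s)")
```

On live traffic the request set would be limited to a short time window rather than built from the whole capture.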
