Distributed Reflection Denial of Service

From Wikipedia, the free encyclopedia

A Distributed Reflection Denial of Service (DRDoS) attack is much like a DDoS attack, except that the attack's source address is spoofed.

In normal operation, a server that receives a SYN packet to establish a connection responds with a SYN/ACK (acknowledgement) packet. A malicious user may fake the source IP address of the original SYN packet, causing the server to send the SYN/ACK packet to a victim host. A single malicious user can send the same SYN packet to many servers, which will then presumably overwhelm the victim with SYN/ACK packets. From the attacker's point of view, DRDoS is preferable to a simple DoS attack because the sources of the attack are distributed, and simpler than a DDoS attack because infected hosts are not required; any host will perform as necessary. A DRDoS attack may occur on any port, making many traditional firewall defenses useless.
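Seen from the victim's side, the flood described above consists of SYN/ACK packets that answer no SYN the victim ever sent. The following added example (not part of the original article) flags such packets in a list of packet records by tracking outstanding handshakes; the `Pkt` record, the function names, the `min_sources` threshold and the sample traffic are assumptions constructed for illustration.

```python
from collections import Counter
from typing import NamedTuple

class Pkt(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # "S" = SYN, "SA" = SYN/ACK

def unsolicited_synacks(packets, local_ip):
    """Return inbound SYN/ACKs that answer no SYN sent by local_ip."""
    pending = set()  # (local_port, remote_ip, remote_port) awaiting a SYN/ACK
    unsolicited = []
    for p in packets:
        if p.src == local_ip and p.flags == "S":
            pending.add((p.sport, p.dst, p.dport))
        elif p.dst == local_ip and p.flags == "SA":
            key = (p.dport, p.src, p.sport)
            if key in pending:
                pending.discard(key)   # reply to a handshake we started
            else:
                unsolicited.append(p)  # reply to a SYN we never sent
    return unsolicited

def reflection_suspected(unsolicited, min_sources=3):
    """Many distinct servers answering SYNs we never sent suggests reflection."""
    per_source = Counter(p.src for p in unsolicited)
    return len(per_source) >= min_sources, per_source

# Constructed sample traffic using documentation address ranges, not a capture.
VICTIM = "192.0.2.10"
SAMPLE = [
    Pkt(VICTIM, 40000, "198.51.100.5", 443, "S"),   # victim opens a connection
    Pkt("198.51.100.5", 443, VICTIM, 40000, "SA"),  # expected reply
    Pkt("203.0.113.1", 80, VICTIM, 1234, "SA"),     # no matching SYN
    Pkt("203.0.113.2", 22, VICTIM, 1234, "SA"),     # no matching SYN, other port
    Pkt("203.0.113.3", 443, VICTIM, 5555, "SA"),    # no matching SYN
    Pkt("203.0.113.1", 80, VICTIM, 1234, "SA"),     # repeat from same server
]

if __name__ == "__main__":
    hits = unsolicited_synacks(SAMPLE, VICTIM)
    suspected, per_source = reflection_suspected(hits)
    print("reflection suspected:", suspected, dict(per_source))
```

The check keys on connection state rather than on a port number, so it still applies when the reflected packets arrive from arbitrary ports.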
