A Bleak Future of DDoS Attacks
posted by John Spacey, March 10, 2011Distributed Denial of Service (DDoS) attacks have evolved — becoming more efficient by targeting higher level services.
Recent developments in technology have exposed vulnerabilities that may further enable DDoS attacks.
Classic DDoS Attacks
In the past, most DDOS attacks were TCP (Layer 4) attacks — designed to tie up TCP sessions, connections and resources.Over time, networking equipment and anti-DDoS solutions evolved — today there are effective solutions for Layer 4 attacks.
DDoS Trends
Increasingly, DDoS attacks now target Layer 7 protocols such as HTTP.
Layer 7 DDoS
Layer 7 DDoS attacks are more efficient and difficult to defend against:
Layer 7 DDoS Examples:
- requesting large files or objects that use up bandwidth
- requesting complex queries that tie up database connections
- manipulating HTTP headers to tie up web server connections
- exploiting vulnerabilities such as buffer overruns
- requesting large files or objects that use up bandwidth
- requesting complex queries that tie up database connections
- manipulating HTTP headers to tie up web server connections
- exploiting vulnerabilities such as buffer overruns
The Future of DDoS
Today, most layer 7 DDoS attacks target the web server or web application. However, web services are increasingly being targeted.
SOA DDoS?
New architectural approaches such as Service Oriented Architecture (SOA) may be even more vulnerable to DDoS attack.
SOA services often implement high level functionality that may trigger:
- complex logic and queries
- legacy APIs and systems
- human workflows
- other SOA services
- components
- integration
- complex logic and queries
- legacy APIs and systems
- human workflows
- other SOA services
- components
- integration
One request to a SOA service can consume a great deal of enterprise resources. As a result, SOA DDoS attacks could immobilize a wide range of enterprise systems and services.
|
Back-to-basics ITIL definitions that may serve as a useful executive overview. |
|
Understanding your vulnerabilities is the first step to managing risk. |
|
Should EA report to the CIO? COO? CFO? CEO? How about the Board of Directors? |
|
The following template captures your high level enterprise architecture. |
Recently on Simplicable
|
| Cloud Guideposted by John SpaceyA guide to cloud computing including cheat sheets, best practices and metrics. |
| Web Security: Battleships and Locustsposted by Anna MarThere are two types of web security threats: battleships and locusts. |
| Web Security Illustratedposted by John SpaceyHow would you explain web security to your grandmother? |
