The flooding attack is used to overwhelm the server in some way for example using TCP SYN packets which reserves resources on the server for the connection or complete HTTP requests as executed by a bot net. It is closely related to DoS and DDoS attacks. Questions may be about preventing, detecting or even running (for testing purposes) such an attack.
Questions tagged [flooding]
60 questions
1
vote
2 answers
Asynchronous vs. Synchronous authentication process
I'm currently developing a web application using Node.js (server-side JavaScript) and MongoDB (NoSQL database).
I'm at the stage where I have to design the authentication and I had a question about asynchronous programming.
One of the advantages of…
![](../../users/profiles/27389.webp)
Ko Ichi
- 27
- 1
- 2
1
vote
0 answers
What other than ping tools might be suitable for overwhelming a server that has disabled its functionality of being pinged?
The following code:
#!/usr/bin/bash
TARGETS=("nalog.gov.ru" "www.nalog.gov.ru"
"customs.gov.ru" "www.customs.gov.ru"
"ffs.ru" "www.ffs.ru"
"crimea-post.ru" "www.crimea-post.ru"
"minfin.gov.ru" "www.minfin.gov.ru")
echo "This script is going to…
![](../../users/profiles/274986.webp)
John Smith
- 11
- 1
1
vote
1 answer
How can a SYN flood affect a router in this scenario?
I'm using two routers in my home network, as described in this question (router B in the diagram). Therefore, router B is not accessible from the internet.
Going over the logs of this router, I was surprised to find what is logged as "SYN flood". I…
user218666
1
vote
2 answers
Block SYN,ACK response with iptables
I have a virtual environment and I am making a SYN flood attack to a Ubuntu Server's port 53 using Kali 2020.
I realized that a countermeasure for this attack is to limit or block the responses to the SYN packets, which are the SYN,ACK.
But how can…
![](../../users/profiles/231818.webp)
user231818
- 11
- 1
- 2
1
vote
0 answers
Whether ISPs provide path of Spoofed SYN Flood attack is the only way to trace the attack source?
The attacker spoofs SYN packets to attack a server.
In this document:
Spoofed Attack: A malicious user can also spoof the IP address on each SYN packet they send in order to inhibit mitigation efforts and make their identity more difficult to…
![](../../users/profiles/190529.webp)
244boy
- 935
- 2
- 6
- 8
1
vote
2 answers
packets characteristics (src,dst ports) of a DDos amplification attacks
In a DDoS amplification attack, say NTP flooding, an attacker uses a botnet network in order to query multiple NTP servers on port 123, spoofing the source address using the address of the victim/target.
To which port is the reflected traffic from…
![](../../users/profiles/104159.webp)
Taaha
- 11
- 2
1
vote
0 answers
Spoofing an IP/MAC address to avoid ICMP Destination Unreachable being sent back
As far as I understand UDP flooding the idea is to send UDP packets across all ports from e.g. Alice to Bob, and get Bob's machine to check who listens to certain ports and generate many ICMP destination unreachable packets to be sent back (+ Bob's…
![](../../users/profiles/106012.webp)
chao
- 111
- 1
1
vote
1 answer
Elastix Asterisk CLI flooded with chan_sip.c / sip_xmit warnings
I'm still new to Asterisk/Elastix and apologize if this question is misplaced.
Recently one of our larger clients was hacked and we remedied the situation by enabling fail2ban. It seemed to have stopped the hackers from trying to register extensions…
![](../../users/profiles/135028.webp)
Son of Sam
- 77
- 1
- 8
1
vote
2 answers
How to stop the flood of spam?
I have a website on MS Azure and for the past two months, I've been getting mass amount of requests from Russia spamming my site and logs with non-sense and pro-Trump garbage. Based on what I read, I'm not the only site with this issue. Google…
![](../../users/profiles/110472.webp)
Zuzlx
- 235
- 2
- 8
1
vote
2 answers
Is port in UDP flood necessary? HTTP flood-down because? UDP, SYN and ICMP flood methods
I have questions about DDoS attacks.
In flood scripts, the script sends UDP packets to "ip.address:random.port"
Why It doesn't use only the IP? Is port necessary?
If someone is HTTP flooding a website and make it down.
Is it because of HTTP server…
![](../../users/profiles/122816.webp)
imafunnypanda
- 11
- 2
1
vote
0 answers
UDP flood from my own IP
A few moments ago I was trying to open Youtube when the browser (Chrome) notified me that I have no internet connection. All of my cable connections were OK. I disconnected the cable from my computer and reconnected it and the website opened.…
![](../../users/profiles/108578.webp)
Nakute Marato
- 59
- 1
- 2
- 4
1
vote
1 answer
How do these techniques work for protecting against SYN flood?
I'm reading about how SYN flood can be prevented. Wikipedia has
Filtering
Increasing Backlog
Reducing SYN-RECEIVED Timer
Recycling the Oldest Half-Open TCP
SYN Cache
SYN cookies
Hybrid Approaches
Firewalls and Proxies
What exactly is meant by…
![](../../users/profiles/10714.webp)
Celeritas
- 10,039
- 22
- 77
- 144
0
votes
1 answer
Is there some kind of a local DoS against processes?
Is there an attack that somehow floods a target process (e.g. by repeatedly calling a WinAPI function that involves the process) and thereby crashes or temporarily disables it?
![](../../users/profiles/70947.webp)
Benjoyo
- 103
- 4
0
votes
2 answers
What could be the reason for the high traffic on the local network?
In our small company we have very high traffic outbound from local network to server which is getting blocked, and slow downs our server respond time. Especially at night.
I am not security specialist so I am not sure what where and how to check…
![](../../users/profiles/39602.webp)
hal9k2
- 3
- 1
- 5
0
votes
3 answers
Is there such a thing as MySQL connection flooding?
I'm a developer for a small website. There are 3 webservers (for load balancing) and a MySQL server.
Today the webservers seem to be down, and, unfortunately, I cannot get hold of the admin (he's in a different timezone, probably asleep). But I do…
![](../../users/profiles/6245.webp)
Vilx-
- 998
- 2
- 7
- 15