IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [flooding]

The flooding attack is used to overwhelm the server in some way for example using TCP SYN packets which reserves resources on the server for the connection or complete HTTP requests as executed by a bot net. It is closely related to DoS and DDoS attacks. Questions may be about preventing, detecting or even running (for testing purposes) such an attack.

60 questions
1
vote
2 answers

Asynchronous vs. Synchronous authentication process

I'm currently developing a web application using Node.js (server-side JavaScript) and MongoDB (NoSQL database). I'm at the stage where I have to design the authentication and I had a question about asynchronous programming. One of the advantages of…
Ko Ichi
  • 27
  • 1
  • 2
1
vote
0 answers

What other than ping tools might be suitable for overwhelming a server that has disabled its functionality of being pinged?

The following code: #!/usr/bin/bash TARGETS=("nalog.gov.ru" "www.nalog.gov.ru" "customs.gov.ru" "www.customs.gov.ru" "ffs.ru" "www.ffs.ru" "crimea-post.ru" "www.crimea-post.ru" "minfin.gov.ru" "www.minfin.gov.ru") echo "This script is going to…
John Smith
  • 11
  • 1
1
vote
1 answer

How can a SYN flood affect a router in this scenario?

I'm using two routers in my home network, as described in this question (router B in the diagram). Therefore, router B is not accessible from the internet. Going over the logs of this router, I was surprised to find what is logged as "SYN flood". I…
user218666
1
vote
2 answers

Block SYN,ACK response with iptables

I have a virtual environment and I am making a SYN flood attack to a Ubuntu Server's port 53 using Kali 2020. I realized that a countermeasure for this attack is to limit or block the responses to the SYN packets, which are the SYN,ACK. But how can…
user231818
  • 11
  • 1
  • 2
1
vote
0 answers

Whether ISPs provide path of Spoofed SYN Flood attack is the only way to trace the attack source?

The attacker spoofs SYN packets to attack a server. In this document: Spoofed Attack: A malicious user can also spoof the IP address on each SYN packet they send in order to inhibit mitigation efforts and make their identity more difficult to…
244boy
  • 935
  • 2
  • 6
  • 8
1
vote
2 answers

packets characteristics (src,dst ports) of a DDos amplification attacks

In a DDoS amplification attack, say NTP flooding, an attacker uses a botnet network in order to query multiple NTP servers on port 123, spoofing the source address using the address of the victim/target. To which port is the reflected traffic from…
Taaha
  • 11
  • 2
1
vote
0 answers

Spoofing an IP/MAC address to avoid ICMP Destination Unreachable being sent back

As far as I understand UDP flooding the idea is to send UDP packets across all ports from e.g. Alice to Bob, and get Bob's machine to check who listens to certain ports and generate many ICMP destination unreachable packets to be sent back (+ Bob's…
chao
  • 111
  • 1
1
vote
1 answer

Elastix Asterisk CLI flooded with chan_sip.c / sip_xmit warnings

I'm still new to Asterisk/Elastix and apologize if this question is misplaced. Recently one of our larger clients was hacked and we remedied the situation by enabling fail2ban. It seemed to have stopped the hackers from trying to register extensions…
Son of Sam
  • 77
  • 1
  • 8
1
vote
2 answers

How to stop the flood of spam?

I have a website on MS Azure and for the past two months, I've been getting mass amount of requests from Russia spamming my site and logs with non-sense and pro-Trump garbage. Based on what I read, I'm not the only site with this issue. Google…
Zuzlx
  • 235
  • 2
  • 8
1
vote
2 answers

Is port in UDP flood necessary? HTTP flood-down because? UDP, SYN and ICMP flood methods

I have questions about DDoS attacks. In flood scripts, the script sends UDP packets to "ip.address:random.port" Why It doesn't use only the IP? Is port necessary? If someone is HTTP flooding a website and make it down. Is it because of HTTP server…
imafunnypanda
  • 11
  • 2
1
vote
0 answers

UDP flood from my own IP

A few moments ago I was trying to open Youtube when the browser (Chrome) notified me that I have no internet connection. All of my cable connections were OK. I disconnected the cable from my computer and reconnected it and the website opened.…
Nakute Marato
  • 59
  • 1
  • 2
  • 4
1
vote
1 answer

How do these techniques work for protecting against SYN flood?

I'm reading about how SYN flood can be prevented. Wikipedia has Filtering Increasing Backlog Reducing SYN-RECEIVED Timer Recycling the Oldest Half-Open TCP SYN Cache SYN cookies Hybrid Approaches Firewalls and Proxies What exactly is meant by…
Celeritas
  • 10,039
  • 22
  • 77
  • 144
0
votes
1 answer

Is there some kind of a local DoS against processes?

Is there an attack that somehow floods a target process (e.g. by repeatedly calling a WinAPI function that involves the process) and thereby crashes or temporarily disables it?
Benjoyo
  • 103
  • 4
0
votes
2 answers

What could be the reason for the high traffic on the local network?

In our small company we have very high traffic outbound from local network to server which is getting blocked, and slow downs our server respond time. Especially at night. I am not security specialist so I am not sure what where and how to check…
hal9k2
  • 3
  • 1
  • 5
0
votes
3 answers

Is there such a thing as MySQL connection flooding?

I'm a developer for a small website. There are 3 webservers (for load balancing) and a MySQL server. Today the webservers seem to be down, and, unfortunately, I cannot get hold of the admin (he's in a different timezone, probably asleep). But I do…
Vilx-
  • 998
  • 2
  • 7
  • 15
1 2
3
4