
Questions tagged [ddos]

Distributed Denial of Service (DDoS) is the intentional paralyzing of a computer network by flooding it with data sent simultaneously from many individual computers (so-called zombies), which are used to stage DDoS attacks.

1 vote
1 answer
149 views

Potential Linux.Xor.DDoS - chkrootkit

I have a Debian server, and I was recently contacted by my hosting provider that my server is being used to DDoS people/servers. Is this the cause? Searching for Linux.Xor.DDoS ... INFECTED: Possible ...
Server's user avatar
  • 11
1 vote
0 answers
366 views

How to diagnose a DDOS on a home network?

I'm a user with a consumer level modem and a plain wifi router. I have been seeing activity where for long periods of time over night, my internet connection will shut off for 10-20 minutes at a time. ...
tuskiomi's user avatar
  • 202
0 votes
1 answer
151 views

I am being attacked by a DDoS tool. How do I defend against it? [closed]

I used Cloudflare's waf and created several rules to allow only a few countries to access, deny access to old browsers, and started hosting rules. Although the defense was successful, my website was ...
allan's user avatar
  • 1
0 votes
0 answers
31 views

Router getting several port scans and DOS a minute from foreign IPs. Should I be worried? [duplicate]

What Happened: I was looking at the logs in my router and saw that suddenly I started getting warnings about "port scan attacks" and "DDOS attempts" every few seconds from my ...
DaveCat's user avatar
  • 101
0 votes
1 answer
189 views

How to prevent spam attacks from rotating proxies

My website has hundreds of thousands of html pages that are open to public. Each time a html page is requested, a call will be made to my database to get the correct data. Therefore the cost of each ...
Tuan Do's user avatar
0 votes
0 answers
97 views

How to handle Microsoft FTP server being DDoSed

We noticed FTP service going down intermittently in the server and we found an FTP user was used to DDoS the server. Then we deleted the specific user from the server. After that the user "...
Bose's user avatar
  • 1
1 vote
0 answers
103 views

Ddos attack on the ISP [closed]

I need help in controlling my ISP from DDoS attacks. It's happening for almost a month, almost every day, bringing down the ISP for 4 to 5 hours, sometimes for the whole day. Anyone can help it guide what ...
Fiber beam 's user avatar
1 vote
0 answers
162 views

Code to detect HTTP/2 Rapid Reset Attack vulnerability

Is there code/library to detect this vulnerability? I have been searching online and do not find any. We are using Cloudflare which has fixed the issue but government says "we may" have the ...
Matias Haeussler's user avatar
0 votes
1 answer
237 views

Key difference between DoS & DDoS [duplicate]

What are the key components that define them and what are the differences? Is there any standard structure of it? I've looked at several papers, and some of them use them as the same, and some of them are ...
drchopin's user avatar
1 vote
0 answers
321 views

How can I verify that my DoS attack is effective?

I was trying to simulate a DoS attack on the CORE network emulator using hping3 (Ubuntu). The topology is like three PCs connected by a router. The client's IP is 10.0.0.20/24, The server's IP is 10.0....
Harsha Gangari's user avatar
3 votes
0 answers
138 views

Can botnets/malicious traffic be effectively reduced on my exit nodes?

I host a small collection of TOR exit nodes to the clear net. Believe it or not, the number one complaint I get in my inbox is not due to illegal materials coming through the nodes (of which I have ...
tuskiomi's user avatar
  • 202
2 votes
0 answers
2k views

Checking IP's reputation on CloudFlare and Google [closed]

Google and CloudFlare have recently indicated that my home IP address is contributing to a DDoS or spam network. I am frequently being checked (What is the website checking about my browser to protect ...
Peter Becich's user avatar
2 votes
1 answer
235 views

How to avoid breaking end-to-end encryption while employing cloud-based DDoS protection?

I have a few websites and apps that I need to protect from DDoS attacks. These websites and apps are delivered by various servers that sit in several small data centers around the world. I'm thinking ...
hilltothesouth's user avatar
0 votes
1 answer
141 views

icmp smurf attack

I am learning about ICMP smurf attack and for this, I have forged a packet with the following details: source_mac_address = **??** destination_mac_address = router mac address char ...
Rajat Aggarwal's user avatar
0 votes
3 answers
245 views

Avoid checking passwords for dos attacks

A server gets requests with a username and password. Checking the password can be expensive, so a hacker can do a DoS attack by sending lots of requests with random passwords. No attempt to break in, ...
gnasher729's user avatar
  • 2,727
0 votes
1 answer
1k views

Does a DDoS Attack affect the internet connection apart from the service it's attacking?

Lately I've been experiencing some crashes related to my internet connection, I'm on the process of pin-pointing what is causing the issue and one of those possible causes might be a DDoS attack, ...
Kevin Mac-Ginty's user avatar
1 vote
1 answer
405 views

Is my website under attack?

I have a web server. I was investigating why my nginx keeps crashing. I noticed a few other issues in my logs. Note: In the log report, I replace the name of my website with example.com and my second ...
martiz's user avatar
  • 11
0 votes
1 answer
1k views

Is using route 53 from AWS sufficient for DDOS protection on DNS level, or do you need to combine it with other AWS products

We have been targeted by DNS DDOS attacks. We have now migrated to AWS Route53 as these DNS servers are more resilient. Is using AWS Route 53 enough to have basic DDOS protection? Or is it necessary ...
MichaelD's user avatar
  • 101
0 votes
1 answer
287 views

If I create multiple sockets on a single IP and create a connection with the server with each of them, can I do a DDoS?

So basically, if the server is let's say Apache or any other thread based server, so if I create multiple sockets on my machine and request the server until all of its threads get exhausted and try to ...
Eshu Manohare's user avatar
2 votes
3 answers
816 views

Limit REST API calls by fingerprinting and IP

I have a question regarding request limits for a REST service endpoint. I think of course the most basic identification used to limit requests is by taking the user's IP address, but what if we have ...
NeoNeo's user avatar
  • 21
1 vote
2 answers
326 views

Is Stack Exchange immune to DDoS and DoS attacks?

I have heard that DDoS and DoS attacks work most of the time and that they are used when SQL insertion and other methods fail. I know Stack Exchange has a lot of programmers, and that they have this ...
anon's user avatar
  • 13
1 vote
0 answers
97 views

Opencart website getting request from random subdomains (DDoS)

We have an Opencart 3.0.3 website which is getting DDoSed, we then migrated it to AWS and noticed the same thing happening, we blocked access from all other countries except US & Canada. For admin ...
Sankalp Chari's user avatar
0 votes
1 answer
92 views

DDoS throttling vs deny actions

Recently I saw the Google Report about the DDoS Attack that they managed to stop. In the report, they said, "They chose the ‘throttle’ action over a ‘deny’ action in order to reduce chance of ...
aidCoder's user avatar
1 vote
1 answer
1k views

How to protect home network from DDoS attacks when assigned a static IP that is already known to attackers?

Is there something I can do in this case? My ISP says they cannot assign me a different IP. At this stage a VPN no longer helps, correct?
user281965's user avatar
2 votes
1 answer
461 views

What happens to malicious traffic in a scrubbing center during a DDoS attack?

My understanding of a scrubbing center is when a DDoS is underway, all traffic gets routed to a scrubbing center where traffic is analyzed and all legitimate traffic is then sent to the targeted ...
Red Code's user avatar
0 votes
1 answer
371 views

How might I rate-limit in nginx against a distributed attacker that has set the number of parallel connections in xerxes to 1?

An attacker tweaks xerxes by setting the number of CONNECTIONS in xerxes to 1 instead of 8, like so: #define CONNECTIONS 1 They then attack with xerxes-executable mydomain 433. Their strategy is to ...
John Smith's user avatar
1 vote
0 answers
122 views

What other than ping tools might be suitable for overwhelming a server that has disabled its functionality of being pinged? [closed]

The following code: #!/usr/bin/bash TARGETS=("nalog.gov.ru" "www.nalog.gov.ru" "customs.gov.ru" "www.customs.gov.ru" "ffs.ru" "www.ffs.ru" ...
John Smith's user avatar
-1 votes
2 answers
388 views

How would routing DDoS attacks over Tor increase effectiveness?

In recent days, stackexchange has been hit by a series of DDoS attacks, leading to the blocking of Tor exit nodes. I'm curious how a DDoS attack would be more effective when routed over Tor. From ...
dcom-launch's user avatar
0 votes
1 answer
204 views

Why do DDoS attacks spoof DNS source IPs?

Recently, a lot of my friends have been talking about botnets. They said they've created their own. Obviously, I know this is all illegal so I try not to take part in any of it. But I've been ...
Hackermon's user avatar
  • 113
1 vote
0 answers
111 views

How are DDOS protection mechanisms setup when confidential data is involved?

Scenario: A hospital has the records of all patients. There is an online portal where patients can login to see their personal medical data. Since a hospital is an obvious target for any type of hack, ...
groundwine's user avatar
0 votes
1 answer
437 views

Basic explanation for why I'm getting different IP addresses when querying for users IP W/without VPN?

I'm trying to work out some basic knowledge of rate-limiting for my server security so I know how it works. Seems pretty simple as there are different algorithms as well as IP limiting methods. This ...
RobbB's user avatar
  • 261
2 votes
0 answers
181 views

I'm receiving a DDOS attack. What to do? [duplicate]

Yesterday, my website bandwidth got over. After seeing the logs I saw this This request came every 1 second (Different IP's). Luckily I use Cloudflare. So my question is what are the other things ...
Posandu's user avatar
  • 121
2 votes
0 answers
331 views

How to stop a DDoS attack that brought down my ISP

I'm a streamer and I guess I'm a good target for DDoS'ers. Those bad people know my ISP (but they don't know my IP address - ISP changed that for me when the first attack happened). It's a small local ISP ...
CospriMalice's user avatar
-1 votes
1 answer
219 views

Is it safe to conduct DDoS attack on a live server?

I am new to cybersecurity industry. I want to try if the company server is vulnerable to DDoS attack. Is it possible to conduct DDoS attack without damaging the live server? What I mean is, my main ...
Ajay's user avatar
  • 101
28 votes
6 answers
18k views

Someone knows my IP and is threatening to DDoS me

Around 4 months ago, someone learned my IP, and is threatening to DDoS attack me if I am not his slave. He was breaking the Discord TOS with all kinds of stuff in my DMs. I blocked him, but one of his ...
user avatar
0 votes
1 answer
233 views

Block API calls from app to stop DDoS attacks

Recently we had a discussion about the security of a mobile app we are working on. The security team requested that if a user is blocked (due to many failed login attempts), then the back-end should ...
A.R.H's user avatar
  • 1
27 votes
2 answers
9k views

How is Google abused for DDoS attacks?

While analysing a DDoS attack on my site using CloudFlare console, I've noticed that many attack requests come from AS139190 GOOGLE-AS-AP Google Asia Pacific Pte. Ltd. with Empty user agent. I'm ...
blnks's user avatar
  • 383
1 vote
0 answers
234 views

Duplicate client ids - possible ddos on rabbitmq

We are using RabbitMQ 3.9.5 There is a number of mqtt users that are being created. Each of these users is allowed to send data to its own topic. These users are not supposed to see data of other ...
Alex Tbk's user avatar
  • 111
1 vote
1 answer
492 views

Why are Bogons preferred in DDos attacks?

I am currently reading literature that states that Bogons are commonly used by attackers when conducting DDos attacks. I did some searching for an explanation and all I could find was that "...
rlon134's user avatar
  • 75
1 vote
1 answer
249 views

Is a private VPS without a domain name and http entry likely to get DDOS'd for more than 5 hours?

I have written lots of client-side code but with no server-side experience, and I am planning to get a VPS for a new project. The VPS will receive encrypted data directly from a distributed program ...
Limina102's user avatar
  • 145
34 votes
4 answers
13k views

Is serverless code immune to DDoS attacks?

In classic hosting we have a virtual machine with limited resources allocated by hosting provider for running our web application. But with serverless code such as AWS Lambda or Azure Functions, our ...
Mr. Engineer's user avatar
1 vote
2 answers
204 views

Are high traffic apps and websites used in DDoS attacks?

Isn't it very simple for one rogue programmer in a big institution to add a small code change in the application/website thereby sending unintended HTTP DDoS attacks? Like is it possible for Tiktok/...
Vishwa Mithra's user avatar
1 vote
1 answer
128 views

DDoS might be very unlikely to happen to my website but in any case a CDN that should protect from it slows my website [closed]

I humbly assume that DDoS is very unlikely to happen to my website. A CDN that should protect from it slows my website according to my personal experience and tests (perhaps only because of the ...
recursiveWithStyle's user avatar
0 votes
1 answer
454 views

DDOS interrupted by nmap?

I discovered one of my machines was under an ssh DDOS attack when I was looking at logs to find out why my disk was slow. The auth log was about 90M, which is kind of unusual for this machine. I ran ...
Craeft's user avatar
  • 109
2 votes
1 answer
356 views

How do I differentiate a DDoS attack from a DoS attack?

My server is under attack on a specific port but I am confused whether it is a DDoS attack or a DoS attack (if it requires a botnet or is using some kind of trick). The entire server is available (...
Naitoreven's user avatar
1 vote
0 answers
205 views

IPSec MTU DDos attack

I have this configuration: HOST-A <---> GAT-A <---> MiTM <---> GAT-B <---> HOST-B I'm doing a security project on MTU-IPsec vulnerabilities and following this guide of Hal-...
Kuze's user avatar
  • 23
0 votes
0 answers
112 views

What is the greatest factor in DoS network flow connection tempo?

I'm conducting some research on botnet detection. I'm specifically looking at Zeek/Bro connection logs (so network flows). I was wondering what affects the tempo of the succession of network flows ...
Charles Gallagher's user avatar
0 votes
1 answer
222 views

Why ACK flood is effective?

I understand that SYN flood is effective due to how the protocol works, waiting around 75 seconds before closing the connection. What about ACK flood, what happens on the destination side that ...
David's user avatar
  • 5
1 vote
1 answer
197 views

Making website queries and return a large amount of data, can it be exploited for DOS attack?

I am testing a website (bug bounty website) and found an endpoint like replycomment?cmt_id[]=1. When opened in a browser, this endpoint lets me reply to the comment with id 1 by fetching this comment into a ...
trieulieuf9's user avatar
12 votes
4 answers
4k views

Webserver DDOS protection without giving away private keys (https, tls, ssl)

What are the possible ways to protect an organization's web servers from a DDoS attack without giving away your web server's https private keys? Many of the common solutions for DDoS protection of a ...
Michael Altfield's user avatar
