Blog

DDoS/DoS attacks: experience-based insight. Part II

The goal of attacks on server`s memory is to fill the internal memory or a hard disk, or a critical part of memory completely. When the goal is reached the server is unavailable. The classic example of the attack is a TCP SYN flood attack.
18 November 2014
Cybersecurity testing
Web app testing
The article by a1qa
a1qa

The goal of attacks on CPU time is to reach a 100% load of CPU server. One of the options is to process a large amount of information from a database, which takes a lot of effort.

A great example of an attack on CPU time is a SSL Renegatiation DoS attack. To perform it a client repeatedly connects with the server applying SSL protocol, whereas the server needs 15 times more processing power than a client to process the request.

How to protect the server from this attack?

For security testers, the first step is to turn off SSL Renegatiation mechanism. Attacks on CPU time are very dangerous for all kind of services and result in serious damage. A software installed on you server and operating as a filter against potentially dangerous request can be a good security measure.

The goal of attacks on server`s memory is to fill the internal memory or a hard disk, or a critical part of memory completely. When the goal is reached the server is unavailable. The classic example of the attack is a TCP SYN flood attack. It`s main objective is to create multiple half open-connections to limit the access to the server. To reach the goal the attacker sends a number of TCP – segments with mounted SYN flash.

If your set up is correct, the information about new connection will be stored in the server`s response, that sends to the initiator of connection. When the server gets the client`s response it checks the information about the connection in the package. This security technology is called syncookies. It extracts the IP-address and the port from the income package, transforms the data into numbers and adds them to the Sequence Number + 1 field.

TCP FIN flood attack is similar to SYN flood attack but creates a number of half-open connections. In case like this, when the connection is established, a TCP-segment with FIN flag is sent to complete it. The server responds with FIN + ACK flagged segment and waits for the approval. If the approval is not send and the memory is filled. To fix the problem you need a patch from a product owner.

“Slow” attacks on HTTP protocol are performed in a bit different way. Apache web-server is most vulnerable to them.

The attacker acts in the following way: connects to a server and starts accepting and sending the data. He performs multiple connections to reach Denial-of-Service. As a result, server`s memory is filled due to the great number of data streams from the Apache server.

To protect the server you need to define the minimal and maximum time limit for sending the request and accepting the answer. If the client exceeds the limit the connection stops. Use specially created modules to set up the protection.

In the end, I would like to say that automatic systems are really important today. They manage various critical processes. Denial-of-Service attacks can lead to unexpected results, thus the issues of protection against DoS/DDoS attacks are as critical as never before and won`t be minor in future.

More Posts

19 April 2022,
by a1qa
5 min read
What prevents companies from boosting eCommerce customer experience: 4 common mistakes
Dreaming of a flawless online shopping journey for your users? Explore 4 widespread situations that hamper achieving this goal.
Cybersecurity testing
Performance testing
Test automation
Usability testing
Clutch awards
23 March 2022,
by a1qa
2 min read
a1qa recognized for cybersecurity expertise by Clutch!
The global online review platform Clutch added a1qa to the Top 15 Penetration Testing Companies for 2022.
Cybersecurity testing
Mobile app security
3 January 2022,
by a1qa
4 min read
Cybersecurity testing: 4 best practices to ensure highly safe IT solutions
Find out 4 cybersecurity tips to release highly secure software and protect end-user data.
Cybersecurity testing
Mobile app testing
streaming services
30 November 2021,
by a1qa
4 min read
Ho ho ho! QA to enable crash-proof streaming platforms for Holidays season
Isn’t it high time to forget about the Christmas rush and truly enjoy the pre-holidays season? Read the article about how to put peak-load anxiety behind by applying rigorous testing of your streaming solution.
Cybersecurity testing
Functional testing
Performance testing
Usability testing
19 August 2021,
by a1qa
4 min read
Cybersecurity: Top 5 questions to ask a QA vendor
What information to request from QA providers to get confident in the complete security of your software and protect end-user sensitive data? Read about that in the article.
Cybersecurity testing
5G impact
31 May 2021,
by a1qa
4 min read
5G network impact on mobile app testing
Check out what 5G connectivity will bring to the IT world and how it will modify mobile app testing.
Cybersecurity testing
Mobile app testing
Performance testing
29 April 2021,
by a1qa
4 min read
Addressing 4 security issues for digital transformation programs
Find out the top 4 safety challenges of digital transformation and a QA playbook to address them and contribute to a higher level of cybersecurity.
Cybersecurity testing
31 March 2021,
by a1qa
4 min read
QA scenario to introduce 6 eCommerce trends in 2021
Discover what trends will rule the eCommerce industry in 2021 and how QA can help implement them with confidence and ease.
Cybersecurity testing
Test automation
25 February 2021,
by a1qa
4 min read
9 QA points for delivering high-quality SaaS-based solutions
In the article, we’ve gathered 9 QA factors relying on the SaaS specifics that may help to perform SaaS testing with ease.
Cloud-based testing
Cybersecurity testing
Functional testing
Performance testing
Test automation

Get in touch

Please fill in the required field.
Email address seems invalid.
Please fill in the required field.
We use cookies on our website to improve its functionality and to enhance your user experience. We also use cookies for analytics. If you continue to browse this website, we will assume you agree that we can place cookies on your device. For more details, please read our Privacy and Cookies Policy.