Communications of the ACM
Hackers Find a New Way to Deliver Devastating DDoS Attacks
“We expected that it was only a matter of time until these attacks were being carried out in the wild because they are easy and highly effective," says Kevin Bock, a researcher at the University of Maryland.
Credit: vchal/Getty Images
Last August, academic researchers discovered a potent new method for knocking sites offline: a fleet of misconfigured servers more than 100,000 strong that can amplify floods of junk data to once-unthinkable sizes. These attacks, in many cases, could result in an infinite routing loop that causes a self-perpetuating flood of traffic. Now, content-delivery network Akamai says attackers are exploiting the servers to target sites in the banking, travel, gaming, media, and web-hosting industries.
These servers—known as middleboxes—are deployed by nation-states like China to censor restricted content and by large organizations to block sites pushing porn, gambling, and pirated downloads. The servers fail to follow transmission control protocol (TCP) specifications that require a three-way handshake—comprising a SYN packet sent by the client, a SYN+ACK response from the server, and a confirmation ACK packet from the client—before a connection is established.
From Wired
View Full Article
No entries found