
dos amplification attack?

babadoctor

Does an amplification attack work by repeating a networking command (like for example, whois) over and over, then making the reply of that command come to the attacker's victim w/ a spoofed IP?

 

 

This is a really wild guess on how this works; I am assuming I am really far from how an amplification attack works.

 

I just want to understand how these work...

 

 

OFF TOPIC: I suggest every poll from now on to have "**CK EA" option instead of "Other"


(watch through till end) Tom does some pretty good explanations on stuff.


(watch through till end) Tom does some pretty good explanations on stuff.

Quick question

if you have 2 connections: one with a 300 up and one with a 300 down

and someone sends you 200 megs of traffic on one or the other

which is more likely to go down?

do you have to have a good up or down to not get ddosed?


Quick question

if you have 2 connections: one with a 300 up and one with a 300 down

and someone sends you 200 megs of traffic on one or the other

which is more likely to go down?

do you have to have a good up or down to not get ddosed?

 

I'm by no means an expert, but if you think of it as a pipeline, at the point no more data will fit through that pipe is when you can no longer process it (allow the data to pass through). So, if you have a wider pipe (higher bandwidth) than what is being sent, what is being sent can make it through the pipe... Thus no disruption. 

 

(I could be entirely wrong here)


Quick question

if you have 2 connections: one with a 300 up and one with a 300 down

and someone sends you 200 megs of traffic on one or the other

which is more likely to go down?

do you have to have a good up or down to not get ddosed?

 

Generally speaking you want to saturate the target's download or incoming connection. This will kill off both UDP and TCP traffic. Saturating the upload or outgoing is only going to affect incoming TCP and not UDP due to how TCP works as explained in the video, or the ability to have a VoIP call etc.

 

Saturating the outgoing link is also harder to do and less effective; you would have to find some kind of flaw in the target system to make them send out tons of traffic unwillingly either by reflection or attacking a website (web server will likely die before connection).

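A victim-side view of the reflected replies discussed in this thread, as an added example that is not part of any post: it flags inbound UDP packets that answer no request the host ever sent, then compares their rate with the downlink. The packet records, addresses and the 5-second matching window are constructed assumptions; the 300 and 200 figures are the ones from the question above.

```python
from collections import namedtuple

# One record per packet seen at the victim's edge; "remote" is the far-end address.
Pkt = namedtuple("Pkt", "ts direction proto remote rport lport size")

def unsolicited_udp(packets, window=5.0):
    """Return inbound UDP packets that answer no request this host sent.

    A reflected reply arrives because the request carried the victim's
    address as a spoofed source, so the victim has no matching outbound packet.
    """
    sent = {}      # (remote, rport, lport) -> time of our last outbound request
    flagged = []
    for p in sorted(packets, key=lambda p: p.ts):
        if p.proto != "udp":
            continue
        key = (p.remote, p.rport, p.lport)
        if p.direction == "out":
            sent[key] = p.ts
        elif key not in sent or p.ts - sent[key] > window:
            flagged.append(p)
    return flagged

def inbound_load_mbps(packets, seconds):
    """Average rate of the given packets in megabits per second."""
    return sum(p.size for p in packets) * 8 / 1e6 / seconds

def link_saturated(packets, seconds, downlink_mbps):
    """True when the packets alone fill the incoming link."""
    return inbound_load_mbps(packets, seconds) >= downlink_mbps

# Constructed sample covering one second: a genuine query and its reply,
# then 20000 replies of 1250 bytes from 100 hosts this machine never queried.
SAMPLE = [
    Pkt(0.00, "out", "udp", "198.51.100.10", 53, 40000, 60),
    Pkt(0.02, "in", "udp", "198.51.100.10", 53, 40000, 120),
]
SAMPLE += [
    Pkt(0.1 + i * 0.00004, "in", "udp", f"203.0.113.{i % 100}", 53, 40000, 1250)
    for i in range(20000)
]

if __name__ == "__main__":
    bad = unsolicited_udp(SAMPLE)
    print(len(bad), "unsolicited packets,", inbound_load_mbps(bad, 1.0), "Mbps")
    print("300 Mbps downlink saturated:", link_saturated(bad, 1.0, 300))
```

The same check run against a 100 Mbps downlink reports saturation, which is the "wider pipe" point made in the replies above.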
