Please enable JavaScript.
Coggle requires JavaScript to display documents.
Web attacks (Spoofing/ Poisoning Pretending or appearing to be someone of…
Web attacks
-
-
DDoS
-
-
Preventing DDoS
-
-
-
GET floodPOST requests are more likely to require the server to perform some kind of processing, such as looking up items in a database. Therefore, HTTP POST flood attacks typically impose higher load on the server per request.
Post floodThe GET request is used to retrieve static content like images. Typically this induces relatively low load on the server per request.
-
Remote File Inclusion Running malicious code on the server: any code in the included malicious files will be run by the server.http://attacker_site/malicous_page
-
Code execution on the web server
Code execution on the client-side such Denial of Service (DoS)
Sensitive Information Disclosure
-
-
-
Command Injection
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell
-
-
-
-
-
-
Blind SQL (Structured Query Language) injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the applications response. This attack is often used when the web application is configured to show generic error messages, but has not mitigated the code that is vulnerable to SQL injection.
When an attacker exploits SQL injection, sometimes the web application displays error messages from the database complaining that the SQL Query's syntax is incorrect. Blind SQL injection is nearly identical to normal SQL Injection, the only difference being the way the data is retrieved from the database. When the database does not output data to the web page, an attacker is forced to steal data by asking the database a series of true or false questions. This makes exploiting the SQL Injection vulnerability more difficult, but not impossible.
A bit too much of technical info. What is needed, is what attack, where it aims to, what will be the result of the attack, means what attacker is actually truing to reach
Check also Cross Site Scripting attack, Remote file inclusion, local file inclusion
-
For DNS, check what is DNS sec, check what are zones, records. Especially, c-name, it is the most important for akamai.
-
Honeypot Are machines that can be placed on the network to be easily compromised, to understand what the hacker is trying to do.
-
DNS amplification attacks The attacker spoofs the ip address of the dns resolver and replace it by the victim, this causes all replys from the resolvers to ve sent to the victims ip, then the attacker finds a dns domain that contains many domains records, during the attack the atacker sets a list of computer to request the entire domain request for those records, sending the traffic to the victim state to the resolving server. amplification is trying to get more bandwith with a litle bit of bandwith. A single request, can get a big record typp like any or dns sec which is larger.
*Slowloris DDoS Attack dont get terminated, slow rate an volume of traffic
slow post or Rubywill use slow motion http packets for input forms on the website and split that into small peses.