Denial-of-Service (DoS) Attacks
|
|-- Overview
|   |-- Disrupt availability of services
|   |-- Overwhelm system with traffic or requests
|
|-- Types of DoS Attacks
|   |-- Flooding Attacks
|   |   |-- Traffic Overload
|   |-- Service Exploitation
|   |   |-- Crash Services
|   |-- Resource Consumption
|       |-- Bandwidth
|       |-- CPU
|       |-- Disk Space
|
|-- Distributed Denial-of-Service (DDoS) Attacks
|   |-- Involves multiple compromised computers (botnets)
|   |-- Harder to trace
|   |-- High impact
|       |-- Loss of goodwill
|       |-- Financial losses
|       |-- Disabled networks
|
|-- Notable Attack Types
|   |-- TCP Sack Panic Attack
|   |-- Distributed Reflection DoS (DRDoS)
|   |-- Ransom DDoS (RDDoS)
|
|-- Case Study: Microsoft Azure DDoS Attack
|   |-- August 2021
|   |-- 2.4 Tbps attack
|   |-- UDP reflection attack
|   |-- Mitigated by Azure DDoS protection
|
|-- Mitigation Strategies
|   |-- Vulnerability Patching
|   |-- Firewalls and Filtering
|   |-- DDoS Protection Services
|   |-- Incident Response Plans
|
|-- Tools Used in DoS/DDoS Attacks
|   |-- High Orbit Ion Cannon (HOIC)
|   |-- Low Orbit Ion Cannon (LOIC)
|   |-- Mobile Tools (LOIC, AnDOSid)