Upload
hoangxuyen
View
220
Download
0
Embed Size (px)
Citation preview
A new DDoS attack vector that leverages Lightweight Directory
Access Protocol (LDAP) for reflection-amplification attacks was
reported in October 2016 by Corero Network Security1.
Reflection-amplification attacks are not a new DDoS trend, but
new attack vectors emerge all the time. Attackers continue to
exploit decades-old protocols in an effort to achieve stronger
amplification, enabling them to inflict greater damage.
1 https://www.corero.com/company/newsroom/press-releases/corero-warns-of-powerful-new-ddos-attack-vector-
with-potential-for-terabit-scale-ddos-events/
Rank
Protocol
Amplification Factor
1 NTP 556.9
2 CharGEN 358.8
3 QOTD 140.3
4 RIPv1 131.24
5 Quake Network Protocol 63.9
6 LDAP 46 – 55
7 DNS 28 – 54
8 SSDP 30.8
9 Portman (RCPbind) 7 – 28
10 Kad 16.3
11 Multicast DNS (mDNS) 2 – 10
12 SNMPv2 6.3
13 Stream Protocol 5.5
14 NetBIOS 3.8
15 BitTorrent 3.8
F5 Networks, Inc. | f5.com