A DNS amplification attack is a reflection-based distributed denial of service (DDoS) attack. The attacker spoofs look-up requests to domain name system (DNS) servers to hide the source of the exploit and direct the response to the target. … Most commonly, these are DNS servers that support open recursive relay. DNS amplification can also be described as a Distributed Denial of Service (DDoS) attack in which the attacker exploits vulnerabilities in domain name system (DNS) servers to turn initially small queries into much larger payloads, which are used to bring down the victim’s servers.
- UDP Flood. A UDP flood, by definition, is any DDoS attack that floods a target with User Datagram Protocol (UDP) packets.
- ICMP (Ping) Flood.
- SYN Flood.
- Ping of Death.
- NTP Amplification.
- HTTP Flood.
DNS cache poisoning, also known as DNS spoofing, is a type of attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones. One of the reasons DNS poisoning is so dangerous is that it can spread from DNS server to DNS server.
Chargen DDoS attack:
The Character Generator Protocol (CHARGEN) is a service of the Internet Protocol Suite defined in RFC 864 in 1983 by Jon Postel. It is intended for testing, debugging, and measurement purposes. The protocol is rarely used, as its design flaws allow ready misuse.
Slowloris is a type of denial of service attack tool invented by Robert “RSnake” Hansen which allows a single machine to take down another machine’s web server with minimal bandwidth and side effects on unrelated services and ports.
A cache poisoning attack redirects a user who brings up www.google.com to a malicious site instead, allowing an attacker to install malware or steal data from the user. The DNS flaw Dan found would allow an attacker to launch cache poisoning attacks against nameservers.
Mirai (Japanese for “the future”) is malware that turns networked devices running Linux into remotely controlled “bots” that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer devices such as IP cameras and home routers.
NTP amplification is a type of Distributed Denial of Service (DDoS) attack in which the attacker exploits publicly accessible Network Time Protocol (NTP) servers to overwhelm the target with User Datagram Protocol (UDP) traffic.
monlist is a debugging command that retrieves information from the monitoring facility about traffic associated with the NTP service.
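The reflection attacks described above (DNS, NTP, CHARGEN) share one observable trait on the target side: large UDP replies arrive from a service port although the target never sent a matching query. The following detection sketch is an added example, not code from the original page; the flow-record format, the function names, the thresholds, and the two-pass matching (used here instead of a time window) are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

# UDP source ports of the reflection protocols named on this page.
REFLECTOR_PORTS = {53: "DNS", 123: "NTP", 19: "CHARGEN"}

# Constructed flow records, not captured traffic.
# Assumed format: src_ip src_port dst_ip dst_port proto bytes
SAMPLE_FLOWS = """\
198.51.100.7 40001 192.0.2.53 53 udp 72
192.0.2.53 53 198.51.100.7 40001 udp 310
203.0.113.11 53 198.51.100.7 5353 udp 3900
203.0.113.12 53 198.51.100.7 5353 udp 4012
203.0.113.13 53 198.51.100.7 5353 udp 3876
203.0.113.21 123 198.51.100.9 8080 udp 440
203.0.113.22 19 198.51.100.9 8080 udp 1024
203.0.113.23 19 198.51.100.9 8080 udp 1024
203.0.113.30 443 198.51.100.7 50000 tcp 1500
"""


def parse_flows(text):
    """Yield (src, sport, dst, dport, proto, nbytes) for each well-formed line."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip blank or malformed records
        src, sport, dst, dport, proto, nbytes = parts
        yield src, int(sport), dst, int(dport), proto.lower(), int(nbytes)


def find_reflection_targets(text, min_sources=2, min_bytes=2000):
    """Return {(target, service): (distinct_sources, total_bytes)} for unsolicited replies.

    The thresholds are illustrative assumptions, not tuned values.
    """
    flows = [f for f in parse_flows(text) if f[4] == "udp"]
    # Pass 1: remember which (client, server, port) pairs the client actually queried.
    asked = {(src, dst, dport) for src, _, dst, dport, _, _ in flows
             if dport in REFLECTOR_PORTS}
    # Pass 2: replies from a reflector port that answer no recorded query.
    sources, volume = defaultdict(set), defaultdict(int)
    for src, sport, dst, _, _, nbytes in flows:
        if sport in REFLECTOR_PORTS and (dst, src, sport) not in asked:
            key = (dst, REFLECTOR_PORTS[sport])
            sources[key].add(src)
            volume[key] += nbytes
    return {k: (len(sources[k]), volume[k]) for k in sources
            if len(sources[k]) >= min_sources and volume[k] >= min_bytes}


if __name__ == "__main__":
    for (target, service), (n, total) in sorted(find_reflection_targets(SAMPLE_FLOWS).items()):
        print(f"{target}: {total} bytes of unsolicited {service} replies from {n} sources")
```

The legitimate DNS answer from 192.0.2.53 is not counted because the target queried that server first; the single NTP reply stays below the source threshold.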