On Sat, 17 Aug 2013 13:39:16 +0200, Jann Horn said: > And yes, you're right, a DoS attack can be unsuccessful. My point was that > this small amount of traffic shouldn't be called a DDoS because there's no > way that the intention behind this amount of traffic was to take down that > service with pure bandwidth. How quickly they forget.... Not all DDoS are pure bandwidth based. Consider SYN flooding, where the packets sent are relatively small and often not even all that frequent, but can tie up large amounts of resources on the target machine. This sort of attack works particularly well against sites that have a big blind spot because they think that all DDoS attacks are massive bandwidth hosedowns. How many connections/sec does it take to forkbomb your Apache server into uselessness? And if you rate limit your Apache so your system doesn't forkbomb, how many does it take to prevent legitimate traffice from being serviced?
Attachment:
pgp9fJTzo1XCe.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/