From 25c6fa4044e940bad234cc76891e5a656edc15e1 Mon Sep 17 00:00:00 2001 From: Mihirraj Dixit <33447734+MihirrajDixit@users.noreply.github.com> Date: Sat, 20 Oct 2018 07:32:57 +0530 Subject: [PATCH] Added the Industrial Iot Based DDOS attacks (#19020) --- .../english/security/ddos-denial-of-service-attacks/index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/guide/english/security/ddos-denial-of-service-attacks/index.md b/guide/english/security/ddos-denial-of-service-attacks/index.md index 59db152f05..b19e11f3ec 100644 --- a/guide/english/security/ddos-denial-of-service-attacks/index.md +++ b/guide/english/security/ddos-denial-of-service-attacks/index.md 
@@ -39,6 +39,8 @@ Protocol attacks include SYN floods, Ping of Death, fragmented packet attacks, S * **Ping of Death** − The attacker sends malformed or oversized packets using a simple ping command. IP allows sending 65,535 bytes packets but sending a ping packet larger than 65,535 bytes violates the Internet Protocol and could cause memory overflow on the target system and finally crash the system. To avoid Ping of Death attacks and its variants, many sites block ICMP ping messages altogether at their firewalls. +* **Industrial IOT Attacks based on DDoS** - The attacker analyses the communication network and sniffs the packets using packet capturing tools. After deep packet inspection, the attacker checks the command frame which can stop the data transmission and crafts the packets to disrupt the Industrial control systems. Various protocols like IEEE C37.118.2, Modbus, and DNP3 are vulnerable. The [Blackenergy 3 Malware](https://en.wikipedia.org/wiki/December_2015_Ukraine_power_grid_cyberattack) is a recent example of this kind of attack. + ### Application Layer Attacks Application Layer Attacks include Slowloris, Zero-day DDoS attacks, DDoS attacks that target Apache, Windows or OpenBSD vulnerabilities and more. Here the goal is to crash the web server. The attack magnitude is measured in Requests per Second. @@ -73,4 +75,4 @@ You can take the help from your system administrator to understand these points * [Understanding Denial-of-Service Attacks](https://www.us-cert.gov/ncas/tips/ST04-015) * [Visualisation of DDoS Attacks Worldwide](http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=17462&view=map "Visualisation of DDoS Attacks Worldwide") -* [Kotaku Article about DDoS](https://kotaku.com/how-ddos-attacks-work-and-why-theyre-so-hard-to-stop-1676445620) \ No newline at end of file +* [Kotaku Article about DDoS](https://kotaku.com/how-ddos-attacks-work-and-why-theyre-so-hard-to-stop-1676445620)
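Review bot: In the first hunk (@@ -39,6 +39,8 @@), the added bullet sits in the protocol-attack list but does not describe a distributed flood. It describes crafting a single command frame that stops data transmission, so the title "Industrial IOT Attacks based on DDoS" is misleading. I would retitle it along the lines of "Denial of service against industrial control protocols" and say in one sentence how it relates to DDoS. The bullet also ends without a defence, unlike the Ping of Death entry above it, which closes with a mitigation; please add a corresponding sentence for the industrial case. "Various protocols like IEEE C37.118.2, Modbus, and DNP3 are vulnerable" is stated without saying what property makes them vulnerable and without a source; either give the reason or link a reference. The link text reads "Blackenergy 3 Malware" while the target is the article on the December 2015 Ukraine power grid cyberattack, so the text should name the incident (and spell it "BlackEnergy 3"), and "recent example" will date quickly; give the year instead. Style: use "IoT" rather than "IOT", and match the "−" separator used by the neighbouring bullet instead of "-".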