Case Study: Using CAR to Limit DDoS Attacks

A distributed denial-of-service (DDoS) attack is launched when attackers install hidden programs on compromised hosts (in some cases called handlers; see Chapter 14, “What is Intrusion Detection,” for more details). These hosts in turn compromise more hosts (in some cases called agents; see Chapter 14 for more details) and install special programs to run on them. This produces a multiplicative effect, whereby each compromised host compromises more hosts. The endgame is for all the agents to launch an attack together, usually a DoS attack, on a victim host. Because a large number of agents launch the attack from a variety of places, this kind of attack can be difficult to control after it ...
