{"id":3937,"date":"2016-11-14T14:06:15","date_gmt":"2016-11-14T12:06:15","guid":{"rendered":"http:\/\/www.kodingtech.com\/?p=3937"},"modified":"2016-11-14T14:06:15","modified_gmt":"2016-11-14T12:06:15","slug":"how-to-take-down-a-server-with-a-15-mb-attack","status":"publish","type":"post","link":"https:\/\/kodingtech.com\/en\/cum-sa-dai-jos-server-cu-atac-de-15-mb\/","title":{"rendered":"How to crash a server with just a 15Mb attack"},"content":{"rendered":"

Isolated attackers with limited resources could take down large servers if they are protected by certain firewall solutions from Cisco Systems or other manufacturers.
\nType technique denial of service<\/em> requires data volumes of only 15 Mb, or about 40,000 packets per second, to block the internet connection of vulnerable servers. This is while domain provider Dyn, the security site KrebsOnSecurity <\/a>or the French hosting provider OVH were recently bombarded with volumes exceeding 1 terabit per second.
\nResearchers from the Danish security company TDC Security Operations Center have named the new attack technique BlackNurse.<\/em> The Black Nurse uses data based on Internet Control Message Protocol<\/a>, used by routers and other devices to send or receive error messages. By sending a special type of ICMP packet, attackers can quickly overload the processors of certain types of firewalls. After reaching a threshold of 15-18 mbps, targeted firewalls reject so many packets that the server behind them is effectively disconnected from the internet. Danish researchers simulated an attack using a regular laptop to unleash the Black Nurse.
\nAccording to Netresec, which collaborates with TDC Security, the attack is effective against firewalls from Cisco Systems, Palo Alto Networks, SonicWall and Zyxel. The specific models are listed below. in this article<\/a>.
\nPalo Alto Networks reported that its devices were vulnerable only in specific scenarios that contravene good server administration practices. Cisco said it did not consider the situation a security issue.
\nMore about security solutions, here<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"

Atacatori izola\u021bi care au resurse limitate ar putea deconecta servere mari, dac\u0103 acestea sunt protejate de anumite solu\u021bii firewall de la Cisco Systems sau al\u021bi produc\u0103tori. Tehnica de tip denial-of-service necesit\u0103 volume de date de numai 15 Mb, adic\u0103 aproximativ 40,000 de pachete pe secund\u0103, pentru a bloca leg\u0103tura la internet a serverelor vulnerabile. Asta […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_breakdance_hide_in_design_set":false,"_breakdance_tags":"","footnotes":""},"categories":[8],"tags":[],"class_list":["post-3937","post","type-post","status-publish","format-standard","hentry","category-servicii-it"],"_links":{"self":[{"href":"https:\/\/kodingtech.com\/en\/wp-json\/wp\/v2\/posts\/3937","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kodingtech.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kodingtech.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kodingtech.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kodingtech.com\/en\/wp-json\/wp\/v2\/comments?post=3937"}],"version-history":[{"count":0,"href":"https:\/\/kodingtech.com\/en\/wp-json\/wp\/v2\/posts\/3937\/revisions"}],"wp:attachment":[{"href":"https:\/\/kodingtech.com\/en\/wp-json\/wp\/v2\/media?parent=3937"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kodingtech.com\/en\/wp-json\/wp\/v2\/categories?post=3937"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kodingtech.com\/en\/wp-json\/wp\/v2\/tags?post=3937"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}