Telco Providers Security Challenges – Part 2

DDoS Attacks

The common attack vectors for a DDoS attack are the following:

Volumetric or Flood Attacks 

The bad guys exploit the system with large botnets or spoofed IP addresses to generate a lot of traffic, measured in bps or pps. UDP-based floods from spoofed IPs take advantage of the connectionless UDP protocol. They can even take out the infrastructure capacity: routers, switches, servers and links.

State Exhaustion / TCP Resource Exhaustion Attacks

Traffic crafted to exhaust critical resources in servers, load balancers, firewalls or routers is more sophisticated and takes advantage of the stateful nature of the TCP protocol, for example SYN, FIN and RST floods and TCP connection attacks.

Application-layer Attacks

These exploit the limitations, scale and functionality of specific applications, and can be low level and still be effective. HTTP GET queries that return large files are another form of application attack. DNS requests that prompt many zone transfers are a widely used method. Malformed HTTP, SIP and DNS requests are a typical approach. Likewise, SIP INVITE floods are sent to a specific client to take out specific services or applications.
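An added example, not part of the original article: a small triage function that sorts one second of flow records toward a protected address into the three categories described above. The record fields, the limits and the sample windows are assumptions constructed for illustration.

```python
from collections import Counter

# Assumed per-second limits for one protected address; tune to a measured baseline.
LIMITS = {"pps": 50_000, "bps": 400_000_000, "tcp_ctrl": 5_000, "l7": 200}

def classify(window):
    """Label one second of flow records toward a single destination.
    Record keys: proto, packets, bytes, flags (TCP), request/requests (L7)."""
    pps = sum(r["packets"] for r in window)
    bps = 8 * sum(r["bytes"] for r in window)
    ctrl = Counter()  # bare SYN/FIN/RST packets that consume state-table entries
    acks = 0          # packets that belong to established connections
    l7 = Counter()    # request type -> count, e.g. "HTTP GET", "SIP INVITE"
    for r in window:
        flags = r.get("flags", "")
        if r["proto"] == "tcp" and flags in ("SYN", "FIN", "RST"):
            ctrl[flags] += r["packets"]
        elif r["proto"] == "tcp" and "ACK" in flags:
            acks += r["packets"]
        if r.get("request"):
            l7[r["request"]] += r.get("requests", 1)
    labels = set()
    if pps > LIMITS["pps"] or bps > LIMITS["bps"]:
        labels.add("volumetric")
    # Control packets far outnumbering established traffic point at state exhaustion.
    if sum(ctrl.values()) > LIMITS["tcp_ctrl"] and sum(ctrl.values()) > 3 * acks:
        labels.add("state-exhaustion")
    # Application floods can stay under the pps/bps limits, so check request rate separately.
    if any(n > LIMITS["l7"] for n in l7.values()):
        labels.add("application-layer")
    return labels

# Constructed sample windows (not captured traffic).
UDP_FLOOD = [{"proto": "udp", "packets": 90_000, "bytes": 90_000 * 512}]
SYN_FLOOD = [
    {"proto": "tcp", "flags": "SYN", "packets": 20_000, "bytes": 20_000 * 60},
    {"proto": "tcp", "flags": "ACK", "packets": 500, "bytes": 500 * 60},
]
SIP_FLOOD = [{"proto": "udp", "packets": 900, "bytes": 900 * 700,
              "request": "SIP INVITE", "requests": 900}]
NORMAL = [
    {"proto": "tcp", "flags": "ACK", "packets": 3_000, "bytes": 3_000 * 900,
     "request": "HTTP GET", "requests": 40},
    {"proto": "tcp", "flags": "SYN", "packets": 40, "bytes": 40 * 60},
]

if __name__ == "__main__":
    for name in ("UDP_FLOOD", "SYN_FLOOD", "SIP_FLOOD", "NORMAL"):
        print(name, sorted(classify(globals()[name])))
```

The SIP window shows why the application-layer check is separate: 900 packets per second is far below the volumetric limit, yet the request rate alone flags it.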