Application layer attacks

[zihadhasan012]

Application layer attacks are also known as layer 7 attacks. The main objective is to exhaust resources and disrupt access to the website or blog .

These attacks target the layer where web pages are generated on the server and delivered as responses to HTTP requests.

In this type of attack, it is very difficult to structure a defense due to the complexity of distinguishing real traffic from traffic generated by bots.

An example of such an attack is similar to pressing the F5 (refresh page) button repeatedly.

This, on a large scale, with multiple computers requesting the update at the same time, can lead to overloads and cause system downtime.

This attack can be done on a specific page, in which case defense becomes easier, or on random pages, without a scheduled IP frequency, which makes defense more difficult.

Protocol attacks
Protocol attacks are also called exhaustion attacks. tunisia mobile database The purpose of this attack is to consume all available capacity of web application servers or intermediate resources such as firewalls.

Protocol attacks target protocol layers 3 and 4. An example of a protocol attack is SNY overload. To understand this, let's look at an everyday example.

Imagine you go to a restaurant and ask the waiter for a particular dish. He takes your order and as he walks to the kitchen to request preparation, another table calls him and places a new order.

This is repeated successively and cannot deliver all orders to be prepared.

It will not be able to deliver all the requests, as it is overloaded and therefore the requests will not be answered. Despite being a very simple example, it depicts the protocol attack very well.

A large number of initial connection request SYN packets are generated. The machine responds to connections, but waits for the final negotiation stage (handshake) which never occurs, thus exhausting resources.