DDoS Reflection and Amplification
The Core Idea
A technique to increase the volume of a Denial of Service attack by tricking third-party servers (reflectors) into flooding the victim.
Mechanism
- Spoofing: The attacker sends a request to a reflector (e.g., a DNS server) but falsifies the source IP address to be the victim's IP.
- Reflection: The server replies to the request, sending the response to the victim instead of the attacker.
- Amplification: The attacker chooses protocols where the response is much larger than the request (e.g., a 60-byte DNS query triggers a 3000-byte response). This multiplies the bandwidth hitting the victim.
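
Seen from the victim's side, reflected traffic is a stream of responses the host never requested. The following added example (not part of the original note) computes the amplification factor for the sizes quoted above and flags unsolicited DNS responses in constructed flow records; the record layout, function names and documentation-range IP addresses are assumptions.

```python
from collections import defaultdict

# Constructed flow records, not real traffic. Layout (an assumption):
# (direction, remote_ip, remote_port, local_port, size_bytes)
# "out" = sent by the protected host, "in" = received by it.
FLOWS = [
    ("out", "198.51.100.53", 53, 40001, 60),    # genuine query
    ("in",  "198.51.100.53", 53, 40001, 120),   # its matching answer
    ("in",  "203.0.113.10",  53, 51515, 3000),  # no query was ever sent
    ("in",  "203.0.113.10",  53, 51515, 3000),
    ("in",  "203.0.113.77",  53, 51515, 3000),
]


def amplification_factor(request_bytes, response_bytes):
    """Bandwidth multiplier: response size divided by request size."""
    return response_bytes / request_bytes


def find_unsolicited(flows, service_port=53):
    """Return {remote_ip: (packets, bytes)} for inbound responses from
    service_port that have no outstanding outbound request to match."""
    pending = defaultdict(int)              # (remote_ip, local_port) -> open requests
    unsolicited = defaultdict(lambda: [0, 0])
    for direction, remote_ip, remote_port, local_port, size in flows:
        if remote_port != service_port:
            continue
        key = (remote_ip, local_port)
        if direction == "out":
            pending[key] += 1               # remember the request
        elif pending[key] > 0:
            pending[key] -= 1               # answer to a request we made
        else:
            unsolicited[remote_ip][0] += 1  # response nobody asked for
            unsolicited[remote_ip][1] += size
    return {ip: tuple(counts) for ip, counts in unsolicited.items()}


if __name__ == "__main__":
    print("factor for 60 -> 3000 bytes:", amplification_factor(60, 3000))
    for ip, (packets, size) in find_unsolicited(FLOWS).items():
        print(f"unsolicited from {ip}: {packets} packets, {size} bytes")
```
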
Connections
- Source: Source - Internet Security