From the course: Ethical Hacking: Denial of Service
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
NEW: Amplification using memcached
From the course: Ethical Hacking: Denial of Service
NEW: Amplification using memcached
- NTP isn't the only protocol we can use to amplify a denial of service. There are many other amplification protocols which can be used. And one which deserves specific mention is the protocol used in the Memcached software. Memcached is a third party tool used to cache objects in a systems memory. And then retrieve those objects quickly. Its used to speed up dynamic web applications and its management features can be accessed using TCP or UDP on port 11211 Let's have a look at an example of a Memcached exchange using Netcat I'll use Netcat to make a simple connection to port 11211 on a Memcached server (typing) and I'll issue the stats command We get a response from the server of about 2000 characters Which provides a respectable amplification factor of about 400 Of course using a TCP connection is quite safe and can't be used to support a denial of service attack But if the command were to be sent via UDP With no session set up and with a spoofed source address then this can be used…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
TCP SYN flooding using hping34m 57s
-
(Locked)
Using Hyena to run a reflection attack6m 39s
-
(Locked)
UDP flooding with LOIC3m 16s
-
(Locked)
ARP poisoning with Ettercap5m 13s
-
(Locked)
Using NTP to amplify attacks5m 55s
-
(Locked)
NEW: Amplification using memcached2m 52s
-
(Locked)
NEW: When is a DDoS not a DDoS?2m 32s
-
-
-
-
-
-
-