DoS (Denial of Service) and DDoS (Distributed Denial of Service) are basically out-of-service attacks. It aims to create service disruption and loss of prestige on the targets attacked.
Since there is an attack method on the network, DoS/DDoS attacks can be made on local networks and external networks. In OSI layers, it is possible to do DoS attack in every layer from Layer2 to Layer7.
In DoS/DDoS tests, attacks can be made on OSI Layer 4 in high bandwidth ranges. In OSI Layer 7 tests, DoS/DDoS tests are performed on the application layer depending on the configuration and architectural deficiencies of the application.
The following attack techniques and methods are used.
- Flood attack for all flags (SYN, FIN, ACK, etc.)
- Protocol-based flood attack (TCP, UDP, ICMP, DNS, etc.)
- Slow Read Attack, Slowloris
- HTTP (GET, POST) flood
You may have the opportunity to see the vulnerabilities that will be revealed by UITSEC's expert staff before they are detected by anonymous attackers.