Prerequisites
This type of attack requires the ability to generate a large amount of HTTP traffic to send to a target server.
Mitigations
Design: Use a Web Application Firewall (WAF) to help filter out malicious traffic. It can be set up with rules to block IP addresses found in IP reputation databases, which contain lists of known bad IP addresses. Analysts should also monitor for abnormally large traffic flows and be able to add on-the-fly rules to block malicious traffic. Special care should be taken to keep false positive rates in block rules low, and functionality should be implemented to allow a legitimate user to resume sending traffic if they have been blocked.
Hire a third party provider to implement a Web Application Firewall (WAF) for your application. Third party providers have dedicated resources and expertise that could allow them to update rules and prevent HTTP Floods very quickly.
Design: Use a load balancer such as nginx to prevent small scale HTTP Floods by dispersing traffic between a group of servers.
Implementation: Make a requesting machine solve some kind of challenge before allowing it to send an HTTP request. This could be a CAPTCHA or something similar that works to deter bots.
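
The first mitigation asks for block rules that can be added on the fly, keep false positives low and let a blocked legitimate user resume. The sketch below is an added example, not part of the CAPEC entry: a per-client sliding-window counter with expiring blocks and an allowlist, replayed over constructed traffic; the class name, thresholds and addresses are assumptions.

```python
from collections import defaultdict, deque

class FloodGuard:
    """Per-client sliding-window request counter with expiring blocks."""
    def __init__(self, max_requests, window_s, block_s, allowlist=()):
        self.max_requests = max_requests   # requests tolerated per window
        self.window_s = window_s           # window length in seconds
        self.block_s = block_s             # how long a block lasts
        self.allowlist = set(allowlist)    # clients never blocked (limits false positives)
        self.recent = defaultdict(deque)   # ip -> timestamps inside the window
        self.blocked_until = {}            # ip -> time at which the block expires

    def allow(self, ip, now):
        """Return True if the request should be served, False if dropped."""
        if ip in self.allowlist:
            return True
        expiry = self.blocked_until.get(ip)
        if expiry is not None:
            if now < expiry:
                return False
            del self.blocked_until[ip]     # block expired: the client may resume
            self.recent[ip].clear()
        q = self.recent[ip]
        while q and now - q[0] >= self.window_s:
            q.popleft()                    # forget requests older than the window
        q.append(now)
        if len(q) > self.max_requests:
            self.blocked_until[ip] = now + self.block_s
            return False
        return True

def replay(events, guard):
    """Feed (timestamp, ip) pairs to the guard; return dropped count per IP."""
    dropped = defaultdict(int)
    for ts, ip in events:
        if not guard.allow(ip, ts):
            dropped[ip] += 1
    return dict(dropped)

# Constructed sample traffic (documentation-range addresses); the thresholds
# used below are illustrative assumptions, not recommended values.
SAMPLE = sorted(
    [(i * 0.02, "198.51.100.7") for i in range(50)]    # burst: 50 requests in 1 s
    + [(i * 2.0, "203.0.113.20") for i in range(10)]   # steady: 1 request per 2 s
    + [(40.0, "198.51.100.7")]                         # returns after block expiry
)

if __name__ == "__main__":
    print(replay(SAMPLE, FloodGuard(max_requests=20, window_s=1.0, block_s=30.0)))
```

The temporary block expires on its own, so the burst client's request at t=40 s is served again, while the steady client is never dropped.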
Related Weaknesses

| CWE-ID | Weakness Name |
|---|---|
| | Allocation of Resources Without Limits or Throttling: The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor. |
References
REF-751: HTTP Flood Attack. https://www.cloudflare.com/learning/ddos/http-flood-ddos-attack/
Submission

| Name | Organization | Date | Publication Date |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | 2014-06-23 +00:00 | |
Modifications

| Name | Organization | Date | Comment |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | 2019-04-04 +00:00 | Updated Related_Weaknesses |
| CAPEC Content Team | The MITRE Corporation | 2020-07-30 +00:00 | Updated Taxonomy_Mappings |
| CAPEC Content Team | The MITRE Corporation | 2021-06-24 +00:00 | Updated Taxonomy_Mappings |
| CAPEC Content Team | The MITRE Corporation | 2022-09-29 +00:00 | Updated Taxonomy_Mappings |
| CAPEC Content Team | The MITRE Corporation | 2023-01-24 +00:00 | Updated Mitigations, References |