Distributed Denial of Service (DDoS) attacks are growing in frequency, intensity and sophistication, but their delivery methods are unchanged. Infected internet bots and vulnerable servers continue to create attacks of crushing scale against unprepared targets. These bots and servers are the weapons used repeatedly in multiple DDoS attacks. A global distribution of these internet zombies and exposed servers, easily exploitable as reflected amplifiers, sits idle, waiting to be called into action.
What is DDoS Threat Intelligence?
Security researchers accumulate threat intelligence from tens of millions of internet compute hosts that are vulnerable and exploited as DDoS attack weapons. DDoS threat intelligence is the information gleaned from the repeated use of attacking agents combined with the knowledge of vulnerable IP addresses and hosts. This information provides security researchers the ability to proactively improve DDoS defenses.
Distributed Denial of Service Attacks have emerged as one of the most effective, yet least understood Cybersecurity threats today. The lack of open dialog deepens the confusion and helps the attacks to succeed.
This book reveals the hard-earned lessons drawn from the authors’ years of engagements in DDoS detection and mitigation – from hyper-scale cloud providers to boutique shops. Protect your clouds NOW.Read It Now
Current and Accurate DDoS Weapons Intelligence
A10 Networks and partner security researchers continuously analyze and inventory millions of IP addresses of exploitable hosts weaponized for DDoS attacks. Thunder TPS make the voluminous data actionable with class-lists that scale up to 96M entries.
IP Addresses of Weaponized Reflected Amplification Servers
Amplified reflection attacks take the prize when it comes to size. A10’s DDoS weapons intelligence includes IP addresses of millions of exploitable DNS, NTP, SSDP, CLDAP, TFTP, and other internet exposed services exploited by attackers that should be blocked while under DDoS attack.
IP Addresses of IoT DDoS Botnets
The 2016 Mirai botnet DDoS attacks were the wake-up call to DDoS defender on the scope of the IoT threat. A10’s DDoS weapons intelligence includes Mirai derivative IoT DDoS botnet addresses and other host IP address abused as attack agents. These are toxic hosts and should be blocked before they can do damage to your infrastructure