What is a DDoS using an LDAP Reflection attack
Question
What is a DDoS using an LDAP reflection attack, and how can an organization defend against this attack? Explain this in detail.
Answer
In this question, DDoS stands for distributed denial of service. A DDoS attack is one in which a website or server is attacked from multiple computers or a group of networks, which creates a denial of service for other systems.
Next, LDAP stands for Lightweight Directory Access Protocol. As the name suggests, it is a protocol for directory services in corporate and commercial environments.
A DDoS using an LDAP reflection attack is an attack that involves a third party, who spoofs the IP address of the user and sends a request to the server. The server assumes the request came from that IP address, when it actually came from the third party. Once the server considers the IP address genuine, it accepts the request.
Next, how does this attack work?
⦁ First, the attacker sends a CLDAP request to the LDAP server with a spoofed sender IP address, which is the victim's address, i.e. the computer or server that will be attacked.
⦁ The server thinks the request came from the user and responds to that address. This response is what causes the reflection attack.
A DDoS attack costs the victim money, time and information, and the victim's reputation is also ruined.
There are some ways to avoid being attacked like this, and some precautions to take.
They are:
Rate limiting:
Rate limiting means allowing only a limited amount of network traffic between the sources and the destination.
Port Blocking:
With port blocking, we block the ports that are not needed. It is always a good way to protect your server or computer from attackers. Port blocking mainly covers the ports that are commonly used by attackers as well as by regular clients.
Firewall:
Different types of firewalls are available, and they are designed to protect a device or server from attacks. We can also use a firewall to prevent attacks.
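The reflection pattern described in this answer can be recognised at the victim's network edge, because the victim receives UDP responses from port 389 that it never asked for. The sketch below is an added example, not part of the original answer; the flow-record layout, the sample addresses and the thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict

CLDAP_PORT = 389  # CLDAP is connectionless LDAP: UDP port 389

# Constructed flow records as seen at the victim's network edge:
# (timestamp, proto, src_ip, src_port, dst_ip, dst_port, bytes)
SAMPLE_FLOWS = [
    (0.0, "udp", "10.0.0.5", 40000, "10.0.0.10", 389, 60),    # real query
    (0.1, "udp", "10.0.0.10", 389, "10.0.0.5", 40000, 900),   # its answer
    (0.5, "tcp", "10.0.0.5", 40001, "10.0.0.10", 389, 400),   # LDAP over TCP
    (1.0, "udp", "198.51.100.7", 389, "203.0.113.20", 53124, 3000),
    (1.0, "udp", "198.51.100.8", 389, "203.0.113.20", 53124, 3000),
    (1.1, "udp", "198.51.100.9", 389, "203.0.113.20", 53124, 3000),
    (1.2, "udp", "192.0.2.33", 389, "203.0.113.20", 53124, 3000),
]


def find_reflection_victims(flows, min_reflectors=3, min_bytes=5000):
    """Return {victim_ip: (unsolicited_bytes, reflector_count)}.

    A response is unsolicited when no earlier request went from the same
    host and port to the same server. Thresholds are illustrative.
    """
    requested = set()                        # (client_ip, client_port, server_ip)
    stats = defaultdict(lambda: [0, set()])  # dst_ip -> [bytes, {server_ip}]
    for _ts, proto, sip, sport, dip, dport, size in sorted(flows):
        if proto != "udp":
            continue                         # only the UDP (CLDAP) form is checked
        if dport == CLDAP_PORT:
            requested.add((sip, sport, dip))
        elif sport == CLDAP_PORT and (dip, dport, sip) not in requested:
            stats[dip][0] += size
            stats[dip][1].add(sip)
    return {ip: (total, len(servers))
            for ip, (total, servers) in stats.items()
            if len(servers) >= min_reflectors and total >= min_bytes}


if __name__ == "__main__":
    for ip, (total, n) in find_reflection_victims(SAMPLE_FLOWS).items():
        print(f"{ip}: {total} unsolicited bytes from {n} LDAP servers")
```

Hosts flagged this way are candidates for the rate limiting and UDP port 389 blocking described above.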