Resources Banner

Glossary - R

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

 

Random Recursive GET

This attack is a modified version of a Recursive GET but designed for forum sites or news sites where pages are indexed numerically, usually in a sequential manner. The attacking GET statements will insert a random number within a valid range of page reference numbers making each GET statement different than a previous one.

 

Recursive GET

Another refinement to the VERB attack is a Recursive GET attack. The attacker collects several pages or images and generates GET requests that “walk” through these pages or images. This method can be combined with any of the VERB attack methods to make this attack very difficult to detect because the requests appear to be legitimate.

 

RST or FIN Flood

In order to close a TCP-SYN session between a client and a host, the servers exchange RST or FIN packets to close the session using a three-way or four-way TCP communication handshake. During a RST or FIN flood, a victim server receives spoofed RST or FIN packets at a high rate that do not belong to any session within the server’s databases. The RST or FIN flood exhausts a victim’s server by depleting its system resources (memory, CPU, etc.) used to match these incoming packets, resulting in performance degradation or a complete server shutdown.