Are You Covered? Here’s a DDoS Checklist to Help You Find Out

Every day at Radware we have customers and prospects asking us about the key determinants in sourcing and testing a DDoS protection service.

  • What are the major considerations I should be covering for DDoS?
  • How do I know if I’m covering my bases?
  • What are the key cyber-attack vectors that I should concern myself with?
  • What are the technical vectors included in multi-vector cyber-attacks?

During a recent media interview, I was asked similar questions, but specifically about cyber-attack risks that threaten ATMs and POS systems – an issue worth investigating considering the looming Windows XP support changes. Just last week, the Federal Financial Institutions Examination Council (FFIEC) issued a statement to notify financial institutions about potential DDoS attacks associated with cyber-attacks on Automated Teller Machine (ATM) and card authorization systems and the continued distributed denial of service (DDoS) attacks on public-facing websites. The statement also describes steps that the members expect institutions to take to protect themselves from these potential attacks and it highlights resources that institutions can use to help mitigate risks.

Our team worked together to provide the quick checklist below to help you see how (and if!) you are covering the cyber-attack threats facing your environment. It can help you to identify types of DDoS attacks, threats, targets and techniques. We hope you find it useful and please feel free to reach out and ask us any questions.

DDoS Threats Attack Type Attacking Target Detection Mitigation
  Yes? No?
SYN Floods TCP Out-of-State Flood      
ACK Floods      
Garbage Floods      
Request Floods      
Packet Anomalies Flood      
HTTP Floods Get Requests      
Post Requests – Variable Values      
Invasive HTTP Vertical Scanning      
Invasive HTTP Horizational Scanning      
Put Requests      
Search Engine Floods      
UDP Floods (Non DNS) UDP Floods (Non DNS) ICMP Echo Request (Ping) Flood    
SSL Computing SSL renegotiation SSL vulnerability    
SSL traffic HTTPS flooding    
SSL handshake Computation power    
HTTP (Get/Post) Flood Attack HTTP Get/Post Flooding Bandwidth    
Processing Power    
HTTP vulnerability Protocol / RFC    
Slow Rate Attacks (AKA RUDY or R-U-Dead-Yet) Slow HTTP Post requests Processing Power    
Connections / Sessions    
Partial data / transaction attack Application data integrity Application security control weakness    
SMTP flood Application data integrity Application security control weakness    
FTP flood Application data integrity Application security control weakness    
DNS Threat DNS traffic DNS volumetric attacks    
DNS spoofing attacks    
DNS amplification and reflection    
Protocol flaw DNS ID hacking    
DNS cache poisoning    
DNS root server attacks    
SIP / UCS Attacks Protocol flaw SIP Protocol Anomaly Attack    
SQL Injection Code injection SQL database    
Attack Techniques
Volumetric attacks HashDoS      
TCP/UDP/ICMP Flood      
SYN/Push/ACK Flood      
Malformed DNS queries / packets      
High volume properly formatted DNS queries      
DNS amplification / reflection attacks      
RFC/Compliance Attacks HashDoS      
Apache Killer      
Compute Intensive Attacks Slowloris      
New variant – Slow Read      
Valid but CPU/memory intensive web/database requests      
Brute Force Attacks Zone Enumeration / Dictionary Attacks- DNS Brute Force      
Invalid Website Input Parameters Attack      
Search Engine Request Attacks      
HTTP Brute Force      
Buffer Overflow Attacks Buffer Overflow DNS      
Anti-Automation Attacks
Other Attacks HTTP Get Flood      
  LOIC or Variants      
  HOIC or Variants      
  HTTP Post Flood      
  nkiller2 (TCP Persist)      
  SIP Call-Control Flood      
  XerXes DoS      
  #RefRef DoS      


Like this article? Receive similar articles by subscribing to our blog today!

Carl Herberger

Carl is an IT security expert and responsible for Radware’s global security practice. With over a decade of experience, he began his career working at the Pentagon evaluating computer security events affecting daily Air Force operations. Carl also managed critical operational intelligence for computer network attack programs to aid the National Security Council and Secretary of the Air Force with policy and budgetary defense. Carl writes about network security strategy, trends, and implementation.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center