Background
The customer was targeted with a DDoS campaign that lasted five consecutive days. In the days preceding the attack, Anonymous published threats of attacks to European ISPs and government websites. ERT assisted one of the largest European ISP to prepare for this attack. Nevertheless, no direct threat to the customer website was made and this attack was not credited to Anonymous (actually it was not published in the media at all). This attack had several unique characteristics; all of which might infer a different motivation (see more under Attack Motivation)
Attack Vectors
There were three confirmed attack vectors in this attack campaign:
- Attack Vector I: Empty Connection Flood on TCP/80 4
- Attack Vector II: FIN-ACK Flood on TCP/80
- Attack Vector III: HTTP Flood
Additional Information