One method for attacking a website and rendering its service inoperable is to prevent legitimate clients from being able to connect to it. With a distributed denial-of-service (DDoS) attack, the attacker attempts to saturate the server's connections, so legitimate users cannot connect.
Attacks like this are usually coordinated across a large number of client computers which may have been set up for this express purpose, or more likely have been infected with a virus that allows someone to remotely control the computer to make it participate in the attack.
BIG-IP Local Traffic Manager (LTM) and BIG-IP Advanced Firewall Manager (AFM) are just two of the products designed by F5 to sense these kinds of attacks and mitigate their effects so legitimate traffic is not compromised.
To learn more about specific DDoS attacks and how BIG-IP solutions address each kind of attack, choose from the links below:
- Connection flood
- ICMP flood, ping flood, smurf attack
- PUSH and ACK flood
- SYN flood
- Teardrop attack
- UDP flood
- DNS NXDOMAIN flood
- DNS query flood
- SSL floods and SSL renegotiation attacks
- GET Flood
- Hash DoS attack