Resumen

MARTINEZ-LOZANO, Jeferson Eleazar  y  ATENCIO-ORTIZ, Pedro Sandino. CREATION OF A DDOS ATTACK USING HTTP-GET FLOOD WITH THE CYBER KILL CHAIN METHODOLOGY. Iteckne [online]. 2019, vol.16, n.1, pp.41-47. ISSN 1692-1798.  https://doi.org/10.15332/iteckne.v16i1.2160.

This article illustrates by means of a demonstration and taking advantage of the vulnerability “Open redirect”, how easy it can be to attack web servers through distributed attacks of denial of services. In it, the Cyber Kill Chain® model is used to carry out this attack in phases. In the development of the research, a systematic UFONet tool is applied and the results obtained are analyzed and it is recommended to protect the Internet application services of said attacks through web application firewalls (WAF) whose presence allows the DDoS traffic of the application layer (including the HTTP-GET flood) arrives effortlessly at the destination server.

Palabras clave : Distributed attacks of denial of services; Botnet; Security Informatics..

        · resumen en Español     · texto en Español     · Español ( pdf )