Bedane mudhun ing bagian mana saka stack sing diserang, lan iku sing nentokake carane ngdeteksi lan ngalang. Layer 3/4 attacks yaiku babagan raw volume; Layer 7 attacks yaiku babagan expensive, realistic-looking requests.
Bedane mudhun ing bagian mana saka stack sing diserang, lan iku sing nentokake carane ngdeteksi lan ngalang. Layer 3/4 attacks yaiku babagan raw volume; Layer 7 attacks yaiku babagan expensive, realistic-looking requests.
Lanang target network lan transport layers lan nyoba jenuh bandwidth utawa mung habis connection state, ora logic aplikasi-mu.
Mitigation yaiku babagan nyerep utawa nyaring packets: SYN cookies (supaya server ora dadi state nganti handshake rampung), anycast + scrubbing centers supaya nyebar lan ngresiki flood ing kapasitas global, lan upstream/ISP filtering supaya tumpas packets sing di-spoof utawa junk sadurunge tekan kowe. Packets iku sinau malformed utawa unsolicited, dadi filtering iku mechanical.
Lanang target application layer (HTTP) karo requests sing katon legitimate banget.
GET /search?q=..., POST /login) supaya saben request meksa database query, render, utawa auth check.Bahaya yaiku asymmetry: request cilik bisa mbayar kowe query abot, dadi bandwidth sithik njupuk sampeyan. Lan amarga saben request iku well-formed, packet filtering ora bisa mbedakne saka real user.
Mitigation kudu luwih pinter saka filtering: WAF supaya klop patterns jahat, rate limiting per IP/user/token, lan behavioral analysis (challenge pages, JS/CAPTCHA, fingerprinting) supaya pisahke bots saka manungsa.
Layer 3/4 : detect by VOLUME + protocol anomalies -> filter/absorb packets (cheap to spot)
Layer 7 : detect by BEHAVIOR (looks like real traffic) -> needs request-level intelligence
Kowe ora bisa ngalang loro-roan karo siji tool. Scrubbing center sing ngremuk 1 Tbps UDP flood bakal mahali HTTP flood 50,000-request-per-second, amarga saben request katon valid. Senior engineers ngidentifikasi layer pisanan, banjur raih kontrol sing klop — packet-level scrubbing lan anycast kanggo volumetric attacks, request-level WAF, rate limiting, lan behavioral challenges kanggo application floods.