CDNetworks Unveils 10 Tbps Capacity Upgrade for Enhanced South & Southeast Asia Network Performance - Learn More

Security Glossary: DDoS

CDNetworks
CLDAP Reflection DDoS Attack

CLDAP Reflection DDoS Attack

In the realm of cybersecurity, Distributed Denial-of-Service (DDoS) attacks represent a significant and growing threat to businesses and organizations globally. These attacks aim to disrupt the normal functioning of targeted websites or services by overwhelming them with a flood of internet traffic. This surge in traffic is typically generated from a multitude of sources, making it challenging to block or mitigate.

DDoS attacks can employ various tactics, techniques, and procedures, with one common method being amplification and reflection attacks. These types of attacks exploit the functionality of network protocols to multiply the attack traffic directed towards a target. The attacker sends small requests to vulnerable servers on the internet, which then respond with much larger replies to the victim’s IP address, effectively amplifying the volume of traffic directed at the target.

One specific type of amplification attack that has gained notoriety since 2016 is the CLDAP reflection attack. CLDAP, or Connection-less Lightweight Directory Access Protocol, is a version of LDAP (Lightweight Directory Access Protocol) that does not require a persistent connection to operate. In a CLDAP reflection attack, attackers exploit the CLDAP protocol to send queries to CLDAP servers with a forged sender address. The servers, believing the queries to be legitimate, send their responses to the target address. Since CLDAP responses can be significantly larger than the requests, this results in an amplified traffic volume directed at the victim, leading to service disruption.

DDoS attacks, particularly those using amplification and reflection techniques, are challenging to defend against due to their distributed nature and the volume of traffic they can generate. To protect against such attacks, organizations often employ a combination of proactive and reactive measures. These measures include implementing robust network infrastructure with traffic filtering, deploying anti-DDoS solutions, and maintaining constant vigilance through monitoring and threat intelligence. Additionally, collaboration with internet service providers and leveraging cloud-based DDoS protection services can be effective in mitigating the impact of these attacks.

Learn More About DDoS

Amplified DDoS Attacks

Distributed Denial of Service Attacks (DDoS)

Protocol DDoS Attacks

Understanding Volumetric DDoS Attacks: Scale, Impact, and Defense

Application Layer DDoS Attacks

HTTP Flood DDoS Attacks

What Are SYN Flood DDoS Attacks?

What Is a DNS Amplification Attack?

What Is a UDP Flood DDoS Attack?

CLDAP Reflection DDoS Attack

SSL Flood and SSL Renegotiation Attacks

SSL/TLS Exhaustion DDoS Attacks

Fork Bomb Attack (Rabbit Virus)

Smurf DDoS attack

Transparent Proxy

What is a LAND Attack?

NTP Amplification DDoS Attack

SSDP Amplification DDoS Attack

Memcached Amplification DDoS Attack

Memcached DDoS Attack

Application Layer Security

Denial of Service (DoS)

Null Connection Flood Attack

ACK Flood

TCP Data Flood