An introduction to JavaScript-based DDoS
Distributed Denial of Service (DDoS) attacks have become more diversified in recent years, with attackers using malicious JavaScript to trick unsuspecting web users into participating in these attacks. Unlike NTP or DNS reflection attacks, the potential volume for a JavaScript-based DDoS is nearly unlimited as any computer with a browser can be enrolled in the attack. This article discusses how attackers have been using malicious sites, server hijacking, and man-in-the-middle attacks to launch DDoS attacks. It also describes ways to protect your site from being used in these attacks by using HTTPS and an upcoming web technology called Subresource Integrity (SRI).
Company
Cloudflare
Date published
April 30, 2015
Author(s)
Nick Sullivan
Word count
1506
Language
English
Hacker News points
122