Referral Flood of Trusted Entities
Variants:
Direct
Also Known As:
WS-Addressing Spoofing - Variant, Anti-DDoS Service Abuse for Blocking Trusted Entities
Vector Type:
Attack
Relevance:
Generic
Layer:
Application-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Anti-DDoS, Secure Design
Invented In:
01/01/1999
Added In:
30/12/2014
Vector Operation Method:
A denial of service attack in which the attacker causes 3rd party entities or servers which are trusted by the target web site to perform the denial of service on his behalf, through redirection instructions and other means. Attacking the system through trusted entities may disrupt the protection offered by anti-DDoS solutions, or even worse - cause them to lock crucial trusted entities.
