Telco Transformation: enable you to deploy and offer DDoS mitigation-as-a-service at a low capex and a low opex.
Read more
MX7000: A powerful, versatile 'cloud-in-a-box' DDoS mitigation solution.
Learn more
TAP the lucrative market for DDoS Protection.
Be Our Partner
The Capture The Flag challenge: Get on the top of the scoreboard and win an Pentester Expert Coin !
Enroll now
The total number of DDoS attacks fell 13% in 2021 over 2020, but were still well above pre-pandemic levels, according to our recently released DDoS Statistical Report for 2021. Learn More
Cybersecurity best practices and DDoS defence strategies
In early 2020, a team of Chinese researchers found a new way to abuse HTTP packets to amplify web traffic and bring down websites and content delivery networks (CDNs). Named “RangeAmp”, the attack exploits the HTTP range requests attribute that allows clients (usually browsers) to request only a specific portion (range) of a file from a server.
Two types of RangeAmp attacks were identified. The first, known as a RangeAmp Small Byte Range (SBR) attack, is accomplished by sending a malformed HTTP range request to a CDN provider, which amplifies the traffic towards the destination server, eventually overwhelming the targeted site.
The second type is called a RangeAmp Overlapping Byte Range (OBR) attack. To exploit the RangeAmp OBR attack, the attacker also sends a malformed HTTP range request to a CDN provider, but in this case, the web traffic is funnelled through other CDN servers. This attack method amplifies the web traffic inside the CDN networks and not only crashes CDN servers, but also renders the CDNs and many other destination sites inaccessible.
HTTP Range Requests are part of the HTTP standard that allow web clients to request only a specific range of a file from the web server. This feature was created for pausing and resuming traffic in controlled (pause/resume actions) or uncontrolled (network congestion/disconnection) situations. RangeAmp attacks exploit the incorrect implementations of the HTTP range requests attribute by manipulating CDN servers to amplify traffic towards destination servers and ultimately crash targeted sites.
Nexusguard’s “RangeAmp Rule” is designed specifically to mitigate invalid requests that exploit this vulnerability.
Thank You!
We will get back to you shortly.
Nexusguard’s mitigation methodology involves filtering and stringent rule checking techniques that inspect all HTTP requests so that malicious or invalid requests never reach the backend server.
© 2022 Nexusguard - All Rights Reserved. Read Our Privacy Policy.