Question

The software company NikSoft is selling a new defense against DDoS attacks. Their software looks at the soure IP address on all incoming packets, and if it finds any IP address that accounts for more than 1% of traffic over the last hour, it installs an entry in the router that blocks all packets from that address for the next 24 hours. Their marketing folks are claiming that this will stop all DDoS attacks. Please select the attack(s) that will not be stopped by their software: Group of answer choices +100 zombies flooding the victim network's link (each zombie consumes less than 1% of traffic) Forged source addresses to evade detection. Overwhelm resources at the end host (e.g., CPU, memory, etc) without filling the network pipe. Forged source addresses to look like they come from a singular trusted source. This will prevent the source from accessing the site. For example, if PSU used this software, an attacker could prevent Dr. Jones from being able to reach PSU.edu by sending a large number of packets whose IP addresses have been forged to look like they came from Dr. Jones.

Answer 1

+100 zombies flooding the victim network's link (each zombie consumes less than 1% of traffic)

Step-by-step explanation:

DDoS (Distributed Denial of Service) is simply attacking from multiple places at the same time, this is possible through the use of zombies.

Zombies are basically botnets, i.e devices that have been taken over and that a hacker can have control over. One way to do this is to spread a virus that can infect several computers, which the hacker can then use to implement a DDoS (Distributed Denial of Service).

So, this new software will not be effective as the marketing folks are claiming, as the hacker will simply create hundreds of zombies that can flood the network, each zombie consuming less than 1% of traffic to evade the defense.