Short Name |
DDOS:HOIC-HTTP-METHOD |
---|---|
Severity |
Major |
Recommended |
No |
Category |
DDOS |
Keywords |
High Orbit Ion Cannon (HOIC) HTTP Request |
Release Date |
2012/04/27 |
Update Number |
2126 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects the behavior of the High Orbit Ion Cannon (HOIC) packet flooding tool. Attackers can use this tool to send extremely large amounts of packets over the network to attempt to overwhelm a target. When used collectively from multiple sources, a Distributed Denial of Service (DDoS) can occur. A bug in some proxy servers can also trigger this signature. Therefore, this signature should only be used to protect your web servers from attacks from the Internet, and not to monitor out-bound traffic from your end-users, especially if the users are behind a proxy.