Skip to content

[DDoS Protection] Update DDoS attack coverage table #26039

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Oct 23, 2025
+2 −2
Merged

[DDoS Protection] Update DDoS attack coverage table #26039

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions src/content/partials/ddos-protection/ddos-attack-coverage.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,9 @@ import { GlossaryTooltip } from "~/components"

| OSI Layer | Ruleset / Feature | Example of covered DDoS attack vectors |
| --------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| L3/4 | [Network-layer DDoS Attack Protection](/ddos-protection/managed-rulesets/network/) | UDP flood attack<br/>SYN floods<br/>SYN-ACK reflection attack<br/>ACK floods<br/>Mirai and Mirai-variant L3/4 attacks<br/><GlossaryTooltip term="ICMP">ICMP</GlossaryTooltip> flood attack<br/>SNMP flood attack<br/>QUIC flood attack<br/>Out of state TCP attacks<br/>Protocol violation attacks<br/>SIP attacks<br/>ESP flood<br/>DNS amplification attack<br/>DNS Garbage Flood<br/>DNS NXDOMAIN flood<br/>DNS Query flood<br/>RST flood<br/>NetBios DDoS attacks<br/>mDNS DDoS attacks<br/>VxWorks DDoS attacks<br/>BitTorrent reflection attack<br/>Memcached amplification attacks<br/>CHARGEN reflection attacks<br/>Ubiquity reflection attacks<br/>Lantronix reflection attacks<br/>SSDP reflection attacks<br/>MSSQL reflection attacks<br/>DTLS amplification attacks<br/>Quote of the Day (QOTD) reflection attacks<br/>TeamSpeak 3 floods<br/>Jenkins amplification attacks<br/>GRE floods<br/>SPSS reflection attacks<br/>Carpet Bombing attacks<br/><br/>For more DNS protection options, refer to [Getting additional DNS protection](/ddos-protection/about/attack-coverage/#getting-additional-dns-protection). |
| L3/4 | [Network-layer DDoS Attack Protection](/ddos-protection/managed-rulesets/network/) | ACK floods<br/>BitTorrent reflection attack<br/>Carpet Bombing attacks<br/>CHARGEN reflection attacks<br/>DNS amplification attack<br/>DNS Garbage Flood<br/>DNS NXDOMAIN flood<br/>DNS Query flood<br/>DTLS amplification attacks<br/>ESP flood<br/>GRE floods<br/><GlossaryTooltip term="ICMP">ICMP</GlossaryTooltip> flood attack<br/>Jenkins amplification attacks<br/>Lantronix reflection attacks<br/>mDNS DDoS attacks<br/>Memcached amplification attacks<br/>Mirai and Mirai-variant L3/4 attacks<br/>MSSQL reflection attacks<br/>NetBios DDoS attacks<br/>Out of state TCP attacks<br/>Protocol violation attacks<br/>QUIC flood attack<br/>Quote of the Day (QOTD) reflection attacks<br/>RST flood<br/>SIP attacks<br/>SNMP flood attack<br/>SPSS reflection attacks<br/>SSDP reflection attacks<br/>SYN floods<br/>SYN-ACK reflection attack<br/>TeamSpeak 3 floods<br/>Ubiquity reflection attacks<br/>UDP flood attack<br/>VxWorks DDoS attacks<br/><br/>For more DNS protection options, refer to [Getting additional DNS protection](/ddos-protection/about/attack-coverage/#getting-additional-dns-protection). |
| L3/4 | [Advanced TCP Protection](/ddos-protection/advanced-ddos-systems/overview/advanced-tcp-protection/) [^1] | Fully randomized and spoofed ACK floods, SYN floods, SYN-ACK reflection attacks, and other sophisticated TCP-based DDoS attacks |
| L7 (DNS) | [Advanced DNS Protection](/ddos-protection/advanced-ddos-systems/overview/advanced-dns-protection/) [^1] | Sophisticated and fully randomized DNS attacks, including Water Torture attacks, Random-prefix attacks, and DNS laundering attacks. |
| L7 (HTTP/S) | [HTTP DDoS Attack Protection](/ddos-protection/managed-rulesets/http/) | HTTP flood attack<br/>WordPress pingback attack<br/>HULK attack<br/>LOIC attack<br/>Slowloris attack<br/>Mirai and Mirai-variant HTTP attacks<br/>HTTP/2 Rapid Reset<br/>HTTP Continuation flood<br/>Cache busting attacks<br/>Known DDoS botnets<br/>TLS/SSL negotiation attacks<br/>TLS/SSL exhaustion attacks<br/>Carpet Bombing attacks<br/> |
| L7 (HTTP/S) | [HTTP DDoS Attack Protection](/ddos-protection/managed-rulesets/http/) | Cache busting attacks<br/>Carpet Bombing attacks<br/>HTTP Continuation flood<br/>HTTP flood attack<br/>HTTP/2 MadeYouReset<br/>HTTP/2 Rapid Reset<br/>HULK attack<br/>Known DDoS botnets<br/>LOIC attack<br/>Mirai and Mirai-variant HTTP attacks<br/>Slowloris attack<br/>TLS/SSL exhaustion attacks<br/>TLS/SSL negotiation attacks<br/>WordPress pingback attack<br/> |

[^1]: Available to Magic Transit customers.