In computer security, a reflection attack is a method of attacking a challenge–response authentication system that uses the same protocol in both directions. That is, the same challenge–response protocol is used by each side to authenticate the other side. The essential idea of the attack is to trick the target into providing the answer to its own challenge. [1]
The general attack outline is as follows:
If the authentication protocol is not carefully designed, the target will accept that response as valid, thereby leaving the attacker with one fully authenticated channel connection (the other one is simply abandoned).
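As an added illustration that is not part of the original article, the simulation below models a host that uses one shared-key challenge–response protocol in both directions. In the naive variant the response is a MAC over the challenge alone, so the target's own answer can be reflected back at it; the bound variant mixes the responder's identity into the MAC, which is one of the standard fixes. The key, identities and session handling are constructed for the demo.

```python
import hmac
import hashlib
import os

# Constructed demo key shared by the two legitimate parties; the attacker never learns it.
SHARED_KEY = b"constructed-demo-shared-key"


def mac(key, responder_id, challenge, bound):
    """Naive protocol: MAC over the challenge only. Bound protocol: the responder's
    identity is mixed in, so an answer computed by one party is useless as another's."""
    msg = (responder_id + b"|" + challenge) if bound else challenge
    return hmac.new(key, msg, hashlib.sha256).digest()


class Target:
    """A host that both issues challenges and answers them with the same protocol."""
    def __init__(self, key, bound):
        self.key, self.bound, self.sessions = key, bound, {}
        self.identity = b"target"

    def new_session(self, claimed_peer_id):
        sid, challenge = os.urandom(4).hex(), os.urandom(16)
        self.sessions[sid] = (claimed_peer_id, challenge)
        return sid, challenge

    def answer_challenge(self, challenge):
        # Target acting as responder: it answers any challenge it is sent.
        return mac(self.key, self.identity, challenge, self.bound)

    def verify(self, sid, response):
        peer_id, challenge = self.sessions.pop(sid)
        expected = mac(self.key, peer_id, challenge, self.bound)
        return hmac.compare_digest(expected, response)


def reflection_succeeds(bound):
    """Attacker (no key) opens session A and is challenged, opens session B and
    sends the target its own challenge, then replays the target's answer on A."""
    target = Target(SHARED_KEY, bound)
    sid_a, c1 = target.new_session(b"client")
    reflected = target.answer_challenge(c1)   # session B: target answers c1
    return target.verify(sid_a, reflected)    # session A: reflected answer


def legitimate_succeeds(bound):
    """An honest client that knows the key still authenticates under either variant."""
    target = Target(SHARED_KEY, bound)
    sid, c = target.new_session(b"client")
    return target.verify(sid, mac(SHARED_KEY, b"client", c, bound))
```

`reflection_succeeds(False)` returns True (the naive target accepts its own answer) while `reflection_succeeds(True)` returns False, because the answer it produced as "target" is not the answer it expects from "client".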
In simple terms, in this type of attack the attacker spoofs the IP address of its target and sends a query to a misconfigured server whose open nature makes it vulnerable. Because the server cannot distinguish the spoofed IP address from the real one, it treats the query as an authentic request and in turn responds to it.
Some of the most common solutions to this attack are described below: