DoS
Definition
A Denial of Service (DoS) attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of illegitimate requests. This can lead to the exhaustion of resources, making the service unavailable to legitimate users. DoS attacks can be executed using various methods, such as sending excessive traffic, exploiting vulnerabilities, or consuming computational resources.
Secure Settings Example
# Example Kubernetes PodSecurityPolicy to mitigate DoS attacks
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: restrict-resource-usage
spec:
limits:
cpu: "500m"
memory: "256Mi"
requests:
cpu: "250m"
memory: "128Mi"
maxUnavailable: 10%
minReadySeconds: 5
Insecure Settings Example
# Example of insecure Kubernetes resource settings
apiVersion: v1
kind: Pod
metadata:
name: vulnerable-pod
spec:
containers:
- name: app-container
image: myapp:latest
resources:
# No resource limits set, making the application vulnerable to DoS attacks
limits: {}
requests: {}