What are HTTP GET/POST flood attacks?
When an HTTP client (say, a Web browser) talks to an HTTP server (a Web server), it sends requests which can be of several types, the two main being
GETrequest is what is used for "normal links", including images; such requests are meant to retrieve a static piece of data, the URL pointing to that piece of data. When you enter a URL in the URL bar, a
GETis also done.
POSTrequests are used with forms. A
POSTrequest includes parameters, which are usually taken from the input fields on the same page.
When flooding, the attacker wants to submerge the target server under many requests, so as to saturate its computing resources. Flooding works best when the server allocates a lot of resources in response to a single request. Since
POSTrequests include parameters, they usually trigger relatively complex processing on the server (e.g. database accesses), which are more expensive for the server than serving a much simpler
POST-based flooding tends to be more effective than
GET-based flooding (it takes fewer requests to drown the server if the requests are
POST). On the other hand,
GETrequests being much more common, it is often way easier for the attacker to enlist (involuntary) help in his flooding effort when
GET-flooding (as @Rory says, it only takes a link for an inline image on a popular site, and everybody who browses that site automatically sends a
GETrequest to the target server).
(Of course, any particular Web site could do a lot of complex processing on some specific
GETrequests; I am only discussing average behaviour here.)
Thanks for so detailed answer. So you said that with **HTTP GET FLOOD** the attacker uses the _URL_ to attack. But what does the attacker use for **HTTP POST FLOOD** ? Can you give me an example ? How does he manipulate the data sent to a page (let's say _php_ page) an alter/change its content?