HTTP/2 and You: When hypertext gets too/2hyper

If you are reading this, CVE-2023-44487 aka HTTP/2 Rapid Reset is upon us. New DDoS records have been set to the tune of 7.5 times the previous all-time high. Some admins and enterprises will be in scramble mode. The culprit: a protocol-level oversight in HTTP/2 (HTTP Version 2) in the handling of stream closure that allows an attacker the opportunity to request and immediately close streams between client and server at an arbitrary rate. When executed en masse, the result is an amplification attack that leverages the underlying speed advantage of HTTP/2 and its introduction and allowance of multiple streams over a single TCP connection.

Read More