While distributed denial of service (DDoS) attacks are nothing new, in the
last year we have seen larger, stealthier, more targeted and more
sophisticated attacks than ever before, increasing the need for DDoS
protection for companies of all sizes that conduct business online or are
highly dependent on their online brand and reputation.

A denial-of-service (DoS) attack occurs when traffic is sent from one host to
another computer with the intent of disrupting an online application or
service. A DDoS attack occurs when multiple hosts (such as compromised PCs)
are leveraged to carry out and amplify an attack. Attackers usually create the
denial-of-service condition by either consuming server bandwidth or by
impairing the server itself. Typical targets include Web servers, DNS servers,
application servers, routers, firewalls, and Internet bandwidth. The following
five tips can help you protect your online assets from a DDoS attack.

5 Tips for DDoS Protection:
- Centralize Data Gathering and Understand Trends: At the most basic level, successful DDoS protection
involves knowing what to watch for, monitoring for unusual traffic
patterns and activity, and staying abreast of what’s going on in the world
so that you can identify and validate potential or emerging attacks more
rapidly and feed lessons learned into the appropriate incident response.
- Define a Clear Escalation Path: Systematic processes and methodology are essential for
effective DDoS attack mitigation, such as having defined standard
operating procedures and incident response teams in place. Also, it is
important to prepare for downtime by understanding which systems are vital
to your business, and developing and testing contingency plans for
short-term (e.g., 1 hour), medium-term (e.g., 24 hours), and long-term
(e.g., multiple-day) network or service outages.
- Use Layered Filtering: The goal of DDoS mitigation is to exclude only
unwanted traffic while allowing legitimate traffic to enter the network
with minimal delay. The most effective means to accomplish this is to use
a multi-layered verification process.
- Build in Scalability and Flexibility: To make sure systems will function properly under attack
conditions, organizations must have a highly scalable, flexible
infrastructure that has been tested in various scenarios to identify
breaking points. It’s also important to use a distributed model to create
and maintain redundancy for high-value applications and services.
- Address Application and Configuration Issues: DDoS attacks have evolved from brute force attacks at
the network layer to more sophisticated, difficult-to-detect attacks at
the application layer. Attackers can learn the acceptable threshold of
activity for an individual application, and then sneak in as an
unperceived increase in network traffic. In the overall context of the
network, the increased traffic is not an issue, but if the targeted
application has a low tolerance for high-volume traffic, the attack can
take down the application.
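
The last tip implies that traffic should be baselined per application, not only for the network as a whole. The Python below is an added example, not part of the original article; the application names, request counts and the alert threshold of 6 are constructed assumptions.

```python
from statistics import median

# Constructed sample data: requests per minute for each application,
# ten baseline minutes followed by one minute under observation.
BASELINE = {
    "static-cdn": [52000, 51000, 53500, 52500, 51800,
                   52200, 53000, 51500, 52700, 52100],
    "search-api": [900, 950, 870, 920, 910, 940, 880, 930, 905, 915],
    "login":      [120, 110, 130, 125, 115, 118, 122, 128, 112, 119],
}
CURRENT = {"static-cdn": 52400, "search-api": 925, "login": 640}

THRESHOLD = 6.0  # assumed alert level, in robust standard deviations


def robust_score(history, value):
    """Distance of value above the median, in MAD units scaled to ~sigma."""
    med = median(history)
    # Fall back to 1.0 so a perfectly flat history cannot divide by zero.
    mad = median(abs(x - med) for x in history) or 1.0
    return (value - med) / (1.4826 * mad)


def anomalies(baseline, current, threshold=THRESHOLD):
    """Applications whose current rate is far above their own baseline."""
    return sorted(app for app, hist in baseline.items()
                  if robust_score(hist, current[app]) > threshold)


def aggregate_score(baseline, current):
    """The same score computed on total traffic across all applications."""
    minutes = len(next(iter(baseline.values())))
    totals = [sum(hist[i] for hist in baseline.values())
              for i in range(minutes)]
    return robust_score(totals, sum(current.values()))


if __name__ == "__main__":
    # Network-wide view: the extra login traffic is lost in normal variation.
    print("aggregate score:", round(aggregate_score(BASELINE, CURRENT), 2))
    # Per-application view: the low-volume login service stands out.
    print("per-app anomalies:", anomalies(BASELINE, CURRENT))
```

With this data the network-wide score stays well under the threshold while the low-volume `login` application is flagged, which is the situation the tip describes.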