DDoS Security Checklist


Since the early days of the internet, DDoS has been a favorite weapon of cyber-criminals. Recently there was news about the biggest DDoS attack in history, targeted at Spamhaus, an anti-spam group. The attacks reportedly peaked at 300 Gb/s (gigabits per second), which is way over what had been seen earlier. Modern DDoS attacks are getting too large for even big organizations to handle effectively.


What is DDoS?

DoS or Denial of Service is an attempt to make a machine or network resource unavailable to its intended users. When such a DoS is carried out by a large number of attack sources, it is called DDoS or Distributed Denial of Service.

Basic types are:

  • Consumption of computational resources
  • Disruption of configuration information
  • Disruption of state information
  • Disruption of physical network
  • Disruption of the communication media between the victim and its intended users.

How can I prevent DDoS?

While it would be incorrect to say that DDoS attacks can be prevented, the impact can be mitigated and even thwarted if your IT infrastructure is sufficiently hardened, distributed and secured. We have listed some of the preventive steps below:

  • Use rate-limiting in firewalls, routers, load balancers and other network perimeter devices.
  • Enable TCP SYN cookie protection.
  • Test your applications and deployment architecture for DoS vulnerabilities and fix them.
  • Conduct regular configuration audits of your perimeter devices.
  • Use updated software and firmware.
  • Use up-to-date anti-virus software and regularly check your systems for malware and bots. (This way you are less likely to contribute to DDoS attacks on others.)
  • Use multiple ISPs or hosting providers for redundancy.
  • Maintain a backup site for quick switchover.
  • Install or configure network monitoring systems which can alert you as soon as any DDoS hits.
  • Check with your ISPs or hosting providers how they handle DDoS and be aware of financial implications in case you are hit with a massive DDoS.
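The SYN cookie and configuration-audit items above can be checked automatically on Linux hosts. The following is an added example, not code from the original article: it audits `sysctl`-style text against a small baseline. `net.ipv4.tcp_syncookies` is the setting the checklist names; the other two keys, all thresholds, and the sample input are assumptions made for this example.

```python
# tcp_syncookies is the setting the checklist names; the other two keys and
# all thresholds are assumed baseline values chosen for this example.
BASELINE = {
    "net.ipv4.tcp_syncookies": (lambda v: v in (1, 2), "must be 1 or 2 (enabled)"),
    "net.ipv4.tcp_max_syn_backlog": (lambda v: v >= 4096, "assumed minimum 4096"),
    "net.ipv4.tcp_synack_retries": (lambda v: v <= 3, "assumed maximum 3"),
}

def parse_sysctl(text):
    """Parse 'key = value' lines; later duplicates override earlier ones."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue  # skip blanks, comments and malformed lines
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings

def audit(text):
    """Return {key: (status, detail)}; status is ok, weak, missing or invalid."""
    settings = parse_sysctl(text)
    report = {}
    for key, (is_ok, rule) in BASELINE.items():
        if key not in settings:
            report[key] = ("missing", rule)
            continue
        try:
            value = int(settings[key])
        except ValueError:
            report[key] = ("invalid", f"non-numeric value {settings[key]!r}")
            continue
        report[key] = ("ok" if is_ok(value) else "weak", f"value {value}; {rule}")
    return report

# Constructed sample input, not captured from a real host.
SAMPLE = """\
# /etc/sysctl.d/99-example.conf (constructed)
net.ipv4.tcp_syncookies = 0
net.ipv4.tcp_max_syn_backlog=8192
net.ipv4.tcp_synack_retries = five
"""

if __name__ == "__main__":
    for key, (status, detail) in audit(SAMPLE).items():
        print(f"{status.upper():8} {key}: {detail}")
```

The same `audit()` call accepts the output of `sysctl -a`, which uses the same `key = value` layout.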

Help I am under DDoS!! What should I do?

Dealing with a DDoS underway is incredibly difficult. The first step should be to try to understand the type and source of the attack. Understanding the attack type greatly helps in effectively dealing with the attack. Some of the things that you may consider are:

  • Blackholing and sinkholing
  • Enable rate-limiting in firewalls, routers, load balancers and other network perimeter devices.
  • Obtain a new IP address or range from your ISP or hosting provider if the attacker is targeting an IP address or range. If you have multiple ISPs then try switching your primary ISP.
  • Switch to a provider such as Akamai, Cloudflare or Incapsula, which have known expertise in handling DDoS.
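One way to work out the type and source of an attack from flow data, as an added example that is not part of the original article: it labels flow records and reports the dominant traffic type with its heaviest sources. The CSV column layout, the labels, and the sample rows are constructed for this example.

```python
import csv
import io
from collections import Counter

# UDP services commonly abused as reflectors; floods arrive FROM these ports.
REFLECTOR_PORTS = {53: "dns", 123: "ntp", 1900: "ssdp", 11211: "memcached"}

def classify(flow):
    """Label one flow record (column names are this example's own layout)."""
    proto, flags = flow["proto"].lower(), flow["tcp_flags"].upper()
    if proto == "tcp" and "S" in flags and "A" not in flags:
        return "tcp-syn"  # connection attempts with no ACK
    if proto == "udp" and int(flow["src_port"]) in REFLECTOR_PORTS:
        return "udp-reflected-" + REFLECTOR_PORTS[int(flow["src_port"])]
    return "other"

def triage(csv_text, top_n=3):
    """Return the dominant traffic type by packets and its heaviest sources."""
    packets, sources = Counter(), {}
    for flow in csv.DictReader(io.StringIO(csv_text)):
        label, n = classify(flow), int(flow["packets"])
        packets[label] += n
        sources.setdefault(label, Counter())[flow["src_ip"]] += n
    if not packets:
        return None  # no flow records to analyse
    dominant, count = packets.most_common(1)[0]
    return {
        "dominant": dominant,
        "share": round(count / sum(packets.values()), 2),
        "distinct_sources": len(sources[dominant]),
        "top_sources": sources[dominant].most_common(top_n),
    }

# Constructed flow records using documentation address ranges.
SAMPLE = """\
proto,src_ip,src_port,dst_port,tcp_flags,packets
udp,192.0.2.10,53,41000,,9000
udp,192.0.2.11,53,41001,,7000
udp,192.0.2.10,53,41003,,1000
udp,198.51.100.7,123,41002,,500
tcp,203.0.113.5,51515,443,S,300
tcp,203.0.113.6,51517,443,PA,1000
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

For reflected or spoofed traffic the top sources are intermediaries rather than the attacker, so the traffic type is usually a better basis for filtering than the source list.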

What to do after the incident?

  • Conduct a root cause analysis and ensure that no malicious activity other than the DDoS took place on your servers.
  • If blackholing or sinkholing was used, revert it and restore normal routing.
  • If the preventive measures listed above are missing, you may consider implementing some of them to be better prepared.
