Web Hosting Articles
Web Hosting FAQs
Web Hosting How-Tos
Web Hosting News
Web Hosting Reviews
Web Hosting Security

Weekly Newsletter

Developer Updates
Free Website Content

Articles

Forums

All Feeds

Write For Us

Site Map

Privacy Policy
Support

USERNAME

PASSWORD

>>> SIGN UP!

Lost Password?

WEB HOSTING ARTICLES

RSS

Dealing With Distributed Denial of Service Attacks

By: Terri Wells	Search For More Articles! Disclaimer Author Terms
Rating: / 7
2006-01-11

Table of Contents:

Dealing With Distributed Denial of Service Attacks

Types of Attacks

Preparing Your Defense

Working With Your ISP

	ADD THIS ARTICLE TO:
	Del.ici.ous	Digg
	Blink	Simpy
	Google	Spurl
	Y! MyWeb	Furl

Email Me Similar Content When Posted

Add Developer Shed Article Feed To Your Site

Email Article To Friend

Print Version Of Article

PDF Version Of Article

SEARCH WEB HOSTERS

TOOLS YOU CAN USE

Dealing With Distributed Denial of Service Attacks - Preparing Your Defense

(Page 3 of 4 )

Before an attack occurs, you need to determine which parts of your online presence are most critical to the functioning of your business. The reason for this is simple: your Internet connection probably handles a variety of tasks, including outbound web traffic, incoming web traffic, SMTP email and DNS traffic. If your connection cannot handle all of that at once, as happens during a DDoS attack, which tasks have priority? Once you have set a policy for that issue, your technical fixes can fall into place.

Some attacks can be screened against. For example, you can have a router configured to screen packets before they enter your company’s network. Indeed, screening routers are commonly used today, and will prevent the standard spoofing DDoS attacks. If a screening router is also configured to filter outbound packets, it can make sure that your company does not become the source of a DDoS attack.

Certain types of DDoS attacks can be hard enough to detect that a screening router wouldn’t pick them up. Before an attack occurs, then, you need to understand what your normal user behavior and traffic is like, so that you can spot it when something out of the ordinary happens. If you currently have network monitoring tools, you’ll want to check whether they support the detection of anomalous traffic patterns.

You can also use something called an Intrusion Detection System (IDS) to detect anomalies. An IDS may even be able to reconfigure routers or firewalls when it detects something abnormal. There will naturally be a delay between the detection and the reconfiguring. At least one security company claims that using an IDS carries a certain risk – if an attacker can trigger the IDS to reconfigure the system, for example, it could lead to a self-denial of service. Your mileage may vary.

Firewalls can be good to use along with other defenses. Like screening routers, they can be used to filter packets. Typically, they don’t deal with this task as well as screening routers, so firewalls should not be used as the first line of defense against a DDoS attack. There are now companies that make dedicated DDoS prevention products, which may be worth investigating.

Next: Working With Your ISP >>

More Web Hosting Articles Articles
More By Terri Wells

WEB HOSTING ARTICLES ARTICLES

- Top Wordpress Plugins for SEO
- Top Drupal Evaluation and Rating Modules
- Free Network Monitoring Programs for Max Per...
- E-store Hosting: Free Options for Beginners
- Dropbox: The Ultimate File-Sharing and Synci...
- Reviewing the Best Free Web Hosting Sites
- Businesses Turn to Reseller Web Hosting for ...
- Multiple Data Center Hosting
- Web Hosting Goes Green
- Web Hosting Technology Overview
- Collaborate: An Examination of Tools for Gro...
- Social Networking Security
- Domain Names 101
- Top Software to Help Manage Your Websites
- The Evolution of Phishing

Find More Web Hosting Articles Articles

Web Hosting Articles

Dealing With Distributed Denial of Service Attacks - Preparing Your Defense

Developer Shed Affiliates