Web Hosting Articles

  Home arrow Web Hosting Articles arrow Page 4 - Dealing With Distributed Denial of Ser...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WEB HOSTING ARTICLES

Dealing With Distributed Denial of Service Attacks
By: Terri Wells
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 3 stars3 stars3 stars3 stars3 stars / 7
    2006-01-11

    Table of Contents:
  • Dealing With Distributed Denial of Service Attacks
  • Types of Attacks
  • Preparing Your Defense
  • Working With Your ISP

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     

    SEARCH WEB HOSTERS

    TOOLS YOU CAN USE

    advertisement

    Dealing With Distributed Denial of Service Attacks - Working With Your ISP


    (Page 4 of 4 )

    Taking various steps to filter traffic at the company end is a good start. These filters should be in place and working as a matter of course. But if the traffic between your company and the ISP is saturated by the DDoS attack, it’s time to escalate your defenses. You will need to contact your ISP to help you manage the attack.

    The ISP has more bandwidth and is closer to the source of the attack, so they should be able to provide more effective filtering. The ISP will usually filter based on two factors: the source and destination IP addresses of the traffic, and the type of traffic. If there are detection mechanisms in place, these should be able to identify the sources of the attack – and the ISP should be informed.

    If you’re lucky, distinct IP addresses can be identified, and the ISP can filter those individually. Sometimes, however, you can’t get a better identifier than another entire network (or even another country). This is in part because many attacks use spoofed packets that don’t reveal their real IP addresses. The ISP will then have to work with those further upstream to figure out where the traffic is coming from. Once the ISP knows what router(s) the traffic is coming from, the owner can be contacted and informed of the situation.

    Meanwhile, if the router(s) can’t be immediately identified, some tough decisions may need to be made, and quickly. Again, you and your ISP will need to communicate closely – will the actions that need to be taken block legitimate users out of the network, and if so, how many? Would it be a fair trade-off?

    ISPs can also permit certain types of traffic while denying others. This is another reason why it is important to determine which parts of your online presence are most critical to your business. The ISP can then give those services priority, mitigating some of the pain of the DDoS attack.

    Sometimes a fix can be easily accomplished, at least temporarily. If the target of the DDoS attack is a single machine, a simple IP address change can end the flood. This is especially helpful for key servers (such as email or database servers) under attack. Another option, which might work for large companies, is to “throw bandwidth” at the attack and wait it out. It is neither the best nor the least expensive solution, but it might provide a temporary fix.

    DDoS attacks must be taken seriously. The key is to be prepared in advance: have your detection systems in place, know your normal traffic, and be on good terms with your ISP. The two of you must start the investigation and mitigation as soon as possible once the attack begins. You and your ISP will need to work together. It is a time-consuming process; even a very large company may take several hours to halt an attack. But it can’t be ignored; lack of preparation will only make things much worse. You owe your customers better than that.


    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    WEB HOSTING ARTICLES ARTICLES

    - Top Wordpress Plugins for SEO
    - Top Drupal Evaluation and Rating Modules
    - Free Network Monitoring Programs for Max Per...
    - E-store Hosting: Free Options for Beginners
    - Dropbox: The Ultimate File-Sharing and Synci...
    - Reviewing the Best Free Web Hosting Sites
    - Businesses Turn to Reseller Web Hosting for ...
    - Multiple Data Center Hosting
    - Web Hosting Goes Green
    - Web Hosting Technology Overview
    - Collaborate: An Examination of Tools for Gro...
    - Social Networking Security
    - Domain Names 101
    - Top Software to Help Manage Your Websites
    - The Evolution of Phishing

    Developer Shed Affiliates

     




    © 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap