4 ways to prepare for and fend off DDoS attacks

By Jonathan Hassell, CIO |  Security, DDOS, ddos attack

As you can imagine, at that level logging explodes-on your servers themselves, as well as on the attendant devices that care for and feed your network. Firewalls, unified threat monitoring devices, servers and other systems usually can't keep up with logging each individual request when an actual attack is in progress. Typically these devices begin falling over under the sheer load of logging each and every request, and their failures cause chain reactions with linked devices and systems, making the attack much more severe than just a lot of traffic. (That is much of the secret to DDoS attacks in the first place: Causing enough load that other systems than the one you are initially targeting begin failing.)

These chain reactions are often difficult to predict and recover from. Consider the botched recovery job Amazon suffered with its Elastic Compute Cloud service after the power outages in the Washington, D.C. area in early 2012. While not an attack, once servers in the datacenter began recovering after utility power was restored, the large number of reboot requests created its own little denial of service and prevented many virtual instances from powering back up until the load lightened. The moral of this story: Don't hesitate to dump your logs quickly once you know you're under attack and they're not giving you any more useful information.

4. Have a Good Response Plan Ready

If you experience a DDoS attack, you likely won't have a chance to develop a response plan at the time of impact. Your services will be degraded, if not disabled completely, and your highest priority will be restoring service and stopping the attack. These actions are aided by a detailed plan of mitigation developed in advance of an event.

Blogger Lenny Zelster has created a good-looking template for an incident response plan. His DDoS Cheat Sheet includes steps such as preparing contact lists and procedures in advance, analyzing the incident as it happens and spinning up your response processes, perform mitigation steps you've outlined for your action team and, finally, performing a thorough post-mortem to document lessons learned and amend the response plan with that experience for future incidents.

News: Pan-European Cybersecurity Exercise Simulates DDoS Attacks on Banks

Originally published on CIO |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question