A Denial-of-Service is basically a way to block the resources of a computer system, so that no users can access them. This article is about DDoS Mitigation.
With the advent of the internet age, network security has become the most important issue. The fact that network hackers have kept up with the pace of network security methods and heuristics, is only a grim realization of its gravity.
DoS (Denial-of-Service) attack is just a way to bring down a heavily-trafficked website for some time, and this time could be hours, days or even weeks. Let us try to shed some light on DDoS and some common preventive measures against it.
What is a Denial-of-Service attack?
A Denial-of-Service (DoS) is basically a way to block the resources of a computer system, so that no users can access them. In terms of the internet, DDoS consumes all the resources of a network by sending the victim imposturous traffic, laden with broken links in huge amounts.
The Distributed Dos (DDoS) has been just an advanced form of this attack, where the DoS attackers spread out wide enough on a huge network (such as the Internet). The script written by the programmer is sent to hundreds, or even thousands of computers which themselves start acting as “bots”, creating a “BotNet”. Then this network acts on behalf of the hackers, attacking target systems and/or networks.
Such DDoS attacks have been known to cost revenue losses worth millions in the past.
DDoS Mitigation Strategies
DDoS mitigation strategies could be divided into two different categories based on the skill level or the troubleshooter
- Basic Level
- Advanced Level
Basic Level
- Keep yourself informed about exactly what resources are being utilized, the services running, the bandwidth usage and also the demand for data or files.
- Update the network kernel to its latest version
- Install critical security updates
- Disable any unknown or unwanted services
- Data Packets are handled by network card drivers; keep them updated.
- Appropriate iptables/Netfilter firewall should be used to deny access to any bad packets.
- Use the following to know whether port 80 is under attack by too many IPs:
netstat -plan|grep :80 |awk ‘{print $5}’ |cut -d: -f1 |sort |uniq -c |sort -n
Advanced Level
- Make sure that you use all the latest technology on your network
- Using Cacti, SNMP, MRTG allows one to centrally monitor all the traffic, and any events off DDoS on the network.
- Limit the number of connections to a server. Giving preference to existing connections over new connection requests helps.
- Be on the lookout for appliances and applications which would alert you if the traffic reaches a certain maximum threshold. Then using techniques such as ‘dynamic filtering’ and ‘anomaly recognition’ one can inspect the incoming traffic for any broken or bad packets.
- Block any addresses which are not approved by the IANA, also called ‘dark addresses’.
Read through this special DDoS attack tutorial to learn more about DDoS mitigation strategies.
Pingback: DDoS Attack Tutorial | TechPluto
Anand Das
July 7, 2011 at 1:13 pm
Hey this is really a very nice piece. Highly informative and useful!
I tried out the port 80 thing and it really helped me identify the problem. Great help! 😀
Prashant Sharma
July 7, 2011 at 1:37 pm
@anand Glad you liked it. DDoS Mitigation is critical need in today’s scenario and such techniques can be helpful without hiring paid DDoS Mitigation experts.
Anand Das
July 7, 2011 at 2:12 pm
hey i was wondering if techpluto could provide some free tool or software to prevent or manage ddos attacks.. also u rite really well.. keep it up
Prashant Sharma
July 7, 2011 at 10:01 pm
Thanks Tony for passing on that link for DDoS mitigation related softwares. Well, I must admit the credit for this article goes NOT to me but my editorial team(Harshit Sinha) working behind the scenes
Tony Grisham
July 7, 2011 at 2:17 pm
hi Anand
you could check out this link
http://softwaretopic.informer.com/ddos-software/
you might get what you want there..
this is a really nice work here,
webmasters hark!
sibendu
July 8, 2011 at 2:03 am
how much i will pay to ddos protection? if web hosting service is nt doing ddos protection how to handle it?
xxkiltrest
July 8, 2011 at 7:28 pm
nice work this.
can your team feature a piece reviewing google+ and possible effect on facebuk..
Prashant Sharma
July 8, 2011 at 11:36 pm
@xxkiltrest Thanks for your appreciation on DDoS mitigation article. Credit goes to Harshit Sinha, part of our editorial team and author of this article. And sure, just hang in there and you will soon see a post on TechPluto reviewing Google+ and possible effect on Facebook.
GabloFX
August 20, 2011 at 9:22 pm
Hi,
Im interested in how to execute a DDOS Attack.
Im using an Apple Mac computer!!
Thanks.
randka w uk
August 30, 2011 at 3:25 am
Sweet site, super design , really clean and apply pleasant.
Rebecca Poort
September 5, 2011 at 5:04 pm
Though Id disagree on some of the finer particulars, I believe you probably did an superior job explaining it. Positive beats having to research it on my own. Muchos Gracias on your post.
Reva Tessendorf
September 20, 2011 at 7:49 pm
Hello, Thank you for the excelent writing. It in fact was a nice short read. I will come back to enjoy more of your excellent reads. By the way, how can we communicate? Thanks.
Jean Argudo
September 23, 2011 at 4:16 am
Hi there are using WordPress for your site platform? I’m new to the blog world but I’m trying to get started and create my own. Do you need any html coding knowledge to make your own blog? Any help would be really appreciated! Thank you!
bar franchise
September 23, 2011 at 3:04 pm
This nephew appeared to be laughing at everyone if reading this brand upon your blog “
Emelina Hummell
September 23, 2011 at 6:28 am
I loved as much as you’ll receive carried out right here. The sketch is tasteful, your authored subject matter stylish. nonetheless, you command get got an impatience over that you wish be delivering the following. unwell unquestionably come further formerly again as exactly the same nearly very often inside case you shield this hike.
Madie Zimmerle
September 24, 2011 at 12:05 pm
Hello There,I think this is read is very interesting and one of the better things I’ve read latley. But I want to say that your website style is perfect, the articles are really nice. Wonderful Job, Chow !
Cordell Luckado
September 27, 2011 at 7:36 am
Hi There,I like the helpful info you provide in your article. Ill bookmark your weblog and check back again here frequently. I’m quite certain I will learn many great things, here! Best of luck! Thank you, very much.
Berta Cyrus
September 28, 2011 at 1:18 pm
I was curious if you ever considered changing the layout of your site? Its very well written; I love what youve got to say. But maybe you could a little more in the way of content so people could connect with it better. Youve got an awful lot of text for only having 1 or 2 images. Maybe you could space it out better? Thanks!
Vilma Visaya
September 28, 2011 at 9:47 pm
Hey there! Would you mind if I share your blog with my zynga group? There’s a lot of people that I think would really enjoy your content. Please let me know. Thanks
Richie Schnobrich
September 29, 2011 at 9:29 am
Howdy this is kinda of off topic but I was wondering if blogs use WYSIWYG editors or if you have to manually code with HTML. I’m starting a blog soon but have no coding know-how so I wanted to get guidance from someone with experience. Any help would be greatly appreciated! Regards!
Pingback: Ddos attack tutorial | Explore the internet together
Jerilyn Cereo
October 29, 2011 at 1:53 am
I like this web site very much, Its a real nice position to read and receive information. Thanx.
Laure Feist
October 30, 2011 at 5:57 am
Very nice style and wonderful articles , nothing at all else we require : D. Best Regards.
Gustavo Bennion
October 30, 2011 at 8:49 am
Hi, It’s like you read my mind! You appear to know a lot about this, like you wrote the book on it or something. I think that you could use some Photo’s to drive the message home a bit more, but other than that, this is wonderful blog. A great read. I will definitely be back. Thanks.
Eddy Wetherington
October 30, 2011 at 10:18 pm
Hmm it looks like your site ate my first comment (it was super long) so I guess I’ll just sum it up what I had written and say, I’m thoroughly enjoying your blog. I too am an aspiring blog blogger but I’m still new to the whole thing. Do you have any helpful hints for rookie blog writers? I’d certainly appreciate it.
scooter in beijing
November 1, 2011 at 1:53 am
i am setting up A web portal for my business. and i want to know the copyright guidelines, specifically the legality of copying other articles from other websites. in other words, is it ok to copy an article from another site and paste it in my site ( of course, i will be putting the reference source or link it in to my site)? need hard core data please. if possible a weblink. thanks..
acheter cialis sur internet
November 21, 2011 at 9:27 am
Really worthwhile article. Pay attention