Security Basics mailing list archives
Re: Diff ways to prevent DoS and DDoS
From: Todd Haverkos <infosec () haverkos com>
Date: Tue, 03 Apr 2012 08:09:58 -0500
"sneha.anand.26 () gmail com" <sneha.anand.26 () gmail com> writes:
What are the different ways to prevent DoS and DDoS other than checking the frequency or having a CAPTCHA??
...Unfortunately, neither of which work for DDOS, and will lose you eyeballs. Imagine your company has, a 10Mbps link to the internet. Someone wielding a botnet that has a few Gbps of bandwidth at its disposal is going to win. This didn't happen, but the attacks using UDP are more than enough to take hosted dns servers down. Slowloris can take lots of web servers down, etc. http://www.tomsguide.com/us/Anonymous-LulzSec-DDoS-DNS-AntiSec,news-14631.html Mitigation will involve having an ISP that can be relatively nimble in screening ddos traffic from you (you'd be surprised how inflexible some are), and/or pushing your critical services out into the cloud at a provider that is equipped to respond to such. A financial ddos is possible though... if you're paying for bw, a ddos can sure ring up a lot of traffic. Here's aw hite paper that talks about Arbor Networks goodies and the like. http://www.arbornetworks.com/clean-pipes-2-0-a-complete-ddos-detection-solution.html Here's one from Cisco http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5879/ps6264/ps5888/prod_white_paper0900aecd8011e927.html -- Todd Haverkos, LPT MsCompE http://haverkos.com/ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Diff ways to prevent DoS and DDoS sneha.anand.26 () gmail com (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Thugzclub (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Littlefield, Tyler (Apr 03)
- RE: Diff ways to prevent DoS and DDoS David Gillett (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Littlefield, Tyler (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Todd Haverkos (Apr 03)
- Re: Diff ways to prevent DoS and DDoS Don Thomas (Apr 24)
- RE: Diff ways to prevent DoS and DDoS David Gillett (Apr 24)
- Re: Diff ways to prevent DoS and DDoS _ (Apr 26)
- Re: Diff ways to prevent DoS and DDoS Don Thomas (Apr 26)
- RE: Diff ways to prevent DoS and DDoS David Gillett (Apr 24)
- Re: Diff ways to prevent DoS and DDoS Thugzclub (Apr 03)