Re: DDOS Countermeasures RFC

[kstephe6 () csc com]

Advanced Countermeasures will come as the technology evolves.  For now the
basic game plan is to avoid the one network space problem that got MSN last
week.

Make sure the egress and ingress filtering is correctly configured.

Design multiple ISP services for your sites so you are at least serving DNS
and Web from multiple IP address spaces.

Distribute your static DNS servers in different locations than your dynamic
Web DNS (load balanced/high availability DNS Servers/web switches).  They
do not all need to be on the same IP address space.

Also watch your intrusion systems and logs for pre-attack traffic.  I have
almost always found mini-attacks as the bad guys test their zombies before
the massive attacks hit.


Ken Stephens, CISSP
Sr. Security Manager
Computer Sciences Corp

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards