Everything you ever wanted to know about security policy management, and much more.
Recently we’ve seen the renewed interest of DDoS methods and tools splash the front pages of major newspapers and news sites throughout the world. Just in the past week a hacktivist group is calling for more DDoS attacks on US banks.
The ability to harness and command internet traffic towards a company or organization for the attacker’s sole purpose of limiting the access to a resource is cheap, easy and very stealthy. It’s become the tool of trade for many activists and hackers alike and can be absolutely devastating if you’re in the crosshairs of a skilled attacker with the power of the internet flooding behind him.
Before we get into defending a DDoS attack lets discuss a few motives that might provoke an attacker into launching an attack towards someone.
Every organization has a limit, and with enough firepower behind them, the attacker will find that limit. Attackers have at their disposal free DDoS tools to download and have the capability to direct large quantities of traffic towards a victim with finite resources – all it takes a lot of the time is pointing and clicking towards a target IP/domain. Many of these tools can also be scripted to launch traffic towards a site on a scheduled basis and to change tactics to keep the victim guessing.
There are many ways that have been proposed to defend against DDoS attacks, but there is no silver bullet when it comes to this beast. Like all things in security you need to rely on layers of protection. To get a better understanding of DDoS attacks and ways to protect yourself against them you need to understand that there are several types of DDoS attacks that can be conducted numerous different ways – and depending on the layer being attacked different systems might not realize it.
Using the Botnet as a Bottleneck
Then there’s the botnet, the living, breathing beast on the internet looking to focus its rage upon a group like a dragon spewing flame. This is where DDoS gets the extra “D”. No, not dragon… distributed. When a botnet is in the hands of a capable attacker, the victim should know that they’re in for a long ride. There have been botnets as large as 500,000 nodes, which can do some serious damage. This is what most professionals are using to launch DDoS attacks, and the sad part is that many are up for rent.
The internet can be a cruel place… Check back next week to learn some things you can do to better defend against DDoS attacks. And if you have any recommendations, please share them here!
Receive notifications of new posts by email.