Distributed Denial of Service (DDoS) attacks are one of the most infamous hacking methods meant to incapacitate a target. They are sometimes used against individuals, but more often against websites, public services, ISPs, large companies, and banks. They are popular mainly because they are highly effective: a DDoS attack can take out a whole website in just a few minutes, and typical security measures and tools like firewalls are often rendered useless against it. Though individuals and single computers are usually not targeted by DDoS attacks, there are still cases in which individuals working for well-known companies or with a noticeable social media status had their laptop or desktop targeted by a DDoS attack. What can you do if you find yourself in such a situation?
1. Prevent the attack
A common method to protect a website against DDoS attacks is to set traffic thresholds that trigger security protocols when reached. For both websites and networks, creating and maintaining whitelists and blacklists that control which IPs can access the target could sometimes work, but the method is not without drawbacks (especially issues caused by false positives). A better method is to simulate a DDoS attack and build your action plan accordingly, making it as fail-proof as possible. Even better is to spend some time and money and deploy specialized DDoS attack prevention tools and services, like CDNs (content delivery networks) such as Akamai's Prolexic, Incapsula, Arbor Networks, or CloudFlare, which are capable of detecting illegitimate traffic and diverting it to their cloud infrastructure. Since CDNs are really expensive, smaller businesses can simply use firewalls and cheaper cloud mitigation providers. The cheapest way to defend against DDoS attacks is to deploy more servers when you suspect potential attacks.
How CDNs work
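The traffic-threshold and whitelist/blacklist approach described above can be sketched as a per-source sliding-window counter. This is an added example, not code from the original article; the window length, the threshold, the log format and the addresses (documentation ranges) are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime
import ipaddress

WINDOW_SECONDS = 10           # assumed window length
MAX_REQUESTS_PER_WINDOW = 5   # assumed per-source threshold
ALLOWLIST = [ipaddress.ip_network("198.51.100.0/24")]  # assumed trusted monitoring range

def build_sample_log():
    """Constructed sample lines: '<ISO timestamp> <client IP> <path>'."""
    lines = [f"2024-01-01T12:00:{s:02d} 203.0.113.7 /login" for s in range(8)]      # burst
    lines += [f"2024-01-01T12:00:{s:02d} 198.51.100.20 /health" for s in range(7)]  # bursty but trusted
    lines += [f"2024-01-01T12:00:{s:02d} 192.0.2.15 /" for s in (0, 15, 30)]        # ordinary visitor
    return sorted(lines)  # ISO timestamps sort chronologically

def detect(lines, window=WINDOW_SECONDS, limit=MAX_REQUESTS_PER_WINDOW, allowlist=ALLOWLIST):
    """Return (blocked, spared): sources over the threshold, and allowlisted ones that were too."""
    recent = defaultdict(deque)  # ip -> request times still inside the window
    blocked = {}                 # ip -> time the threshold was first exceeded
    spared = set()               # allowlisted sources that would otherwise be blocked
    for line in lines:
        stamp, ip, _path = line.split()
        now = datetime.fromisoformat(stamp)
        times = recent[ip]
        times.append(now)
        while (now - times[0]).total_seconds() >= window:
            times.popleft()      # forget requests older than the window
        if len(times) > limit and ip not in blocked:
            if any(ipaddress.ip_address(ip) in net for net in allowlist):
                spared.add(ip)   # a blocklist entry here would be a false positive
            else:
                blocked[ip] = now
    return blocked, spared

if __name__ == "__main__":
    blocked, spared = detect(build_sample_log())
    for ip, when in blocked.items():
        print(f"threshold exceeded: add {ip} to blocklist (over limit at {when})")
    print("allowlisted, not blocked:", sorted(spared))
```

Running the detector with an empty allowlist shows the false-positive drawback: the trusted monitoring address is blocked alongside the bursty source.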
2. Identify the attack and mitigate its effects
If you suspect that a DDoS attack is in progress or about to occur, you should quickly ensure that your web server has more bandwidth than it would usually need. If possible, contact the web host and ask for help, as the hosting provider can deploy methods such as “null route” to drop the traffic to your website and “scrubbers” to filter out the requests from the botnets that are part of the DDoS attack.
Specialized software is also a potential solution for handling DDoS attacks, both as part of the prevention plan and as part of the attack mitigation plan. There are tools like the FortGuard Anti-DDoS Firewall (requires Microsoft Windows 2000/2003 Server), the D-Guard Anti-DDoS Firewall, or the Anti DDoS Guardian that can help you with such issues. Of these, my favorite is the Anti DDoS Guardian, as it comes with a handy interface and the preliminary setup can be performed step by step using a neat wizard-like interface. Unfortunately, it isn't updated very often, but its price is quite reasonable.
In conclusion, DDoS attacks are quite hard to prevent and to stop, so having a well-structured action plan at your disposal is very important. Mitigating the effects of DDoS attacks is often more realistic than trying to prevent them.