How to Protect Yourself from a DDoS Attack

Sep 08, 2016 | 9:56 am

Published by | Chandan Singh

 


What Is a DDoS Attack

DDoS stands for Distributed Denial of Service. It is used to make an online service unavailable by sending an unlimited number of requests to the target. A server tries to respond to every request it receives, so under a DDoS attack it cannot respond to all of them, and the result is that the online service becomes temporarily unavailable.

Facts and Figures

Approximately 2000 DDoS attacks take place daily worldwide, according to Arbor Networks.
Source: ATLAS Threat Report

On the black market, an attacker can easily buy a week-long DDoS attack for $150.
Source: Trend Micro Research

One third of all downtime incidents worldwide are due to DDoS attacks.
Source: Verisign/Merril Research

Main Motives for a DDoS Attack

  • Blackmail.
  • Destroying your reputation or goodwill.
  • Unfair competition.
  • Taking revenge on you or your business for a past insult.
  • The attacker wants to gain credibility among the criminal fraternity.
  • Hacktivism.

Steps of a DDoS Attack

Building Capacity
The attacker builds large networks of infected computer systems, known as botnets. The attacker spreads the malware by email, social media, and websites. If someone clicks the attacker's link, malicious software is installed on that computer system; once it is infected, the attacker can access the system remotely without the administrator's permission.

Launching Attack
The botnets send an unlimited number of requests to the targeted website. The attacker has a huge number of infected computer systems working as bots. Floods of requests are sent in multiple ways, and the server is not able to respond to all of them.

Selling Silence
On the software black market, or underground market, anyone can buy an attack for a very nominal price. This is why DDoS attacks are on the rise: anyone can purchase and perform one.

Preventing a DDoS Attack

  • Use a good firewall.
  • If you identify that only a few computers are carrying out the DDoS attack, you can add an Access Control List (ACL) to your firewall and block those IPs.
  • If you identify that the requests are coming from a single country, you can block that country's IP addresses, at least for a while.
  • Check your website's visitor numbers from time to time; if you notice a sudden, large increase in visitors, check the website's logs.
  • If your network's bandwidth is being consumed, buy more bandwidth.
  • Use good load-balancing software.
  • Enable the anti-IP-spoofing feature on your firewall.
  • Use Anycast for both DNS and TCP.
  • Legitimate traffic can still access your content
  • Make sure DNS is protected behind the same type of load balancer.
  • You can hire a third-party anti-DDoS service to protect your site.
  • Block Internet Control Message Protocol (ICMP) at your router.
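
The log check and the per-IP ACL decision from the list above can be combined in one pass over the web server's access log. The following is an added example, not code from the original article; it assumes Common Log Format, and the thresholds, function names and sample lines (documentation IP ranges) are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from statistics import median

# Common Log Format prefix: client IP, identity, user, [timestamp]
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def parse(line):
    """Return (ip, minute) for one access-log line, or None if malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, ts = m.groups()
    return ip, ts[:17]  # "08/Sep/2016:09:56:00 ..." -> "08/Sep/2016:09:56"

def find_spikes(lines, factor=5, share=0.2):
    """Map each spike minute to the IPs sending >= `share` of its requests.

    A minute is a spike when its request count exceeds `factor` times the
    median per-minute count of the whole log (assumed thresholds).
    """
    per_minute = defaultdict(Counter)
    for ip, minute in filter(None, map(parse, lines)):
        per_minute[minute][ip] += 1
    if not per_minute:
        return {}
    totals = {m: sum(c.values()) for m, c in per_minute.items()}
    baseline = median(totals.values())
    report = {}
    for minute, total in totals.items():
        if total > factor * baseline:
            heavy = (ip for ip, n in per_minute[minute].items() if n >= share * total)
            report[minute] = sorted(heavy)
    return report

def _line(ip, minute):
    # Helper that builds one constructed log line.
    return f'{ip} - - [08/Sep/2016:09:{minute:02d}:00 +0000] "GET / HTTP/1.1" 200 512'

# Constructed sample: five quiet minutes, then a flood dominated by two addresses.
SAMPLE = [_line(f"192.0.2.{i}", m) for m in range(50, 55) for i in range(1, 5)]
SAMPLE += [_line("198.51.100.7", 56)] * 60 + [_line("198.51.100.9", 56)] * 40
SAMPLE += [_line("192.0.2.1", 56), "garbage line"]

if __name__ == "__main__":
    for minute, ips in find_spikes(SAMPLE).items():
        print(minute, "candidate ACL entries:", ips)
```

An empty list for a spike minute means no single address dominates the traffic, which is the case where a per-IP ACL does not help and the other measures in the list apply.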