Tuesday, March 19, 2013

What is a DDOS attack and how to mitigate it

DDOS is short for Distributed Denial of Service, an attack in which multiple infected systems target a particular site or server, causing legitimate requests to fail (denial of service).

If the DDOS attack is large, there is nothing you can do to fully mitigate it. But the first thing you should do is understand the nature of the DDOS attack and the targeted site/service.
Finding the target will really help if the site is hosted on a shared server. One effective way to mitigate a DDOS attack is to use a hardware firewall along with the software firewall.
Popular data centers like SoftLayer/The Planet and DedicatedNow use Cisco and RioRey respectively for large DDOS attacks, and these are quite effective (as far as I have experienced). If the attack persists for a long time and reaches the threshold value, it would be better to null-route the IP under attack for a period of 4-5 hours.

Another suggested method is to increase the port speed of your server: if your current port speed is 10Mbps or 100Mbps, upgrade to 1000Mbps.

Here we will discuss steps to mitigate it on a LAMP server using some Apache settings/modules, software firewalls and TCP/IP tweaks.
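For the first step described above, finding the targeted site on a shared Apache server, the following is an added example and not code from the original post. It assumes access log lines that begin with `%v:%p %h` (as in Debian's `vhost_combined` LogFormat); the function names and sample log lines are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original post). Assumes each log line starts with
# "%v:%p %h" (vhost:port, client IP), as in Debian's vhost_combined LogFormat.

# Constructed sample log: example domains and documentation IP ranges only.
sample_log() {
cat <<'EOF'
shop.example.com:80 203.0.113.10 - - [19/Mar/2013:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "-"
shop.example.com:80 203.0.113.10 - - [19/Mar/2013:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "-"
shop.example.com:80 203.0.113.10 - - [19/Mar/2013:10:00:02 +0000] "GET / HTTP/1.1" 200 512 "-" "-"
shop.example.com:80 203.0.113.11 - - [19/Mar/2013:10:00:02 +0000] "GET / HTTP/1.1" 200 512 "-" "-"
shop.example.com:80 203.0.113.11 - - [19/Mar/2013:10:00:03 +0000] "GET / HTTP/1.1" 200 512 "-" "-"
shop.example.com:80 198.51.100.7 - - [19/Mar/2013:10:00:04 +0000] "GET /cart HTTP/1.1" 200 900 "-" "-"
blog.example.org:80 192.0.2.44 - - [19/Mar/2013:10:00:04 +0000] "GET /feed HTTP/1.1" 200 700 "-" "-"
blog.example.org:80 203.0.113.10 - - [19/Mar/2013:10:00:05 +0000] "GET / HTTP/1.1" 200 640 "-" "-"
EOF
}

# Read a log on stdin; print "count value" for the N busiest values of a field.
top_by_field() {   # usage: top_by_field FIELD_NUMBER [N]
    awk -v f="$1" '{ n[$f]++ } END { for (k in n) print n[k], k }' |
        sort -k1,1nr -k2,2 | head -n "${2:-5}"
}

# The vhost receiving the most requests, i.e. the likely target site.
target_vhost() {
    top_by_field 1 1 | awk '{ sub(/:[0-9]+$/, "", $2); print $2 }'
}

# Clients that sent at least MIN requests to one vhost, busiest first.
heavy_clients() {  # usage: heavy_clients VHOST MIN
    awk -v v="$1" -v min="$2" '
        { split($1, a, ":") }
        a[1] == v { n[$2]++ }
        END { for (ip in n) if (n[ip] >= min) print n[ip], ip }' |
        sort -k1,1nr -k2,2
}

site=$(sample_log | target_vhost)
echo "Most requested vhost: $site"
sample_log | heavy_clients "$site" 2
```

On a real server, pipe the access log into these functions in place of `sample_log`; the resulting client list can inform the firewall rules applied for that site.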
