Saturday, March 25, 2017

Different Ways to Mitigate a DDoS Attack


DDoS stands for Distributed Denial of Service. It is a type of attack in which multiple Trojan-infected systems are used to target a single system, causing a denial of service (DoS). The victims of a DDoS attack are both the targeted end system and all the systems maliciously used and controlled by the hacker in the distributed attack.

How to mitigate a DDoS attack?
Several options are available to mitigate a DDoS attack:
1. Source rate limiting and filtering
2. Limiting the total number of connections
3. SYN proxy
4. RTBH (Remotely Triggered Black Hole)

Options 1 to 3 reduce the impact of the attack, whereas RTBH completely drops the traffic for the targeted destination address. This can be done either at the customer premises or at the service provider edge, by forwarding all traffic for the desired destination to a null route. The main disadvantage of RTBH is that all traffic to that destination has to be dropped. For example, if the server hosts applications on port 80 and port 53 and the DDoS attack targets only port 53, traffic to both port 80 and port 53 is dropped. The port 80 service is therefore impacted even though the attack is not destined for port 80. Still, this helps service providers or customers get rid of the DDoS attack or mitigate it.
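The RTBH trade-off described above can be seen in a small forwarding-table model. This is an added example, not code from the original post: the addresses (documentation ranges), packet counts, and the names `Fib`, `forward` and `customer-link` are all constructed for illustration.

```python
import ipaddress
from collections import Counter

NULL = "Null0"  # stand-in for the router's discard (null) interface

class Fib:
    """Minimal forwarding table with longest-prefix-match lookup."""
    def __init__(self):
        self.routes = {}  # ip_network -> next hop

    def add(self, prefix, next_hop):
        self.routes[ipaddress.ip_network(prefix)] = next_hop

    def lookup(self, dst):
        addr = ipaddress.ip_address(dst)
        matches = [net for net in self.routes if addr in net]
        if not matches:
            return NULL  # no route at all: packet is discarded
        return self.routes[max(matches, key=lambda net: net.prefixlen)]

def forward(fib, packets):
    """Count packets per (destination, port, fate)."""
    result = Counter()
    for _src, dst, port in packets:
        fate = "dropped" if fib.lookup(dst) == NULL else "delivered"
        result[(dst, port, fate)] += 1
    return result

# Constructed traffic sample: (source, destination, destination port)
VICTIM, NEIGHBOUR = "203.0.113.10", "203.0.113.20"
PACKETS = (
    [(f"198.51.100.{i}", VICTIM, 53) for i in range(1, 201)]   # DDoS flood on port 53
    + [(f"192.0.2.{i}", VICTIM, 80) for i in range(1, 11)]     # legitimate web users
    + [(f"192.0.2.{i}", NEIGHBOUR, 80) for i in range(1, 6)]   # other host, same subnet
)

def run():
    fib = Fib()
    fib.add("203.0.113.0/24", "customer-link")
    before = forward(fib, PACKETS)
    # RTBH: a more specific host route for the victim points at the null interface.
    fib.add(VICTIM + "/32", NULL)
    after = forward(fib, PACKETS)
    return before, after

if __name__ == "__main__":
    for label, counts in zip(("before RTBH", "after RTBH"), run()):
        print(label)
        for key, n in sorted(counts.items()):
            print("  ", key, n)
```

The null route matches on destination address only, so the victim's port 80 traffic is discarded together with the port 53 flood, while the neighbouring host under the same /24 keeps receiving traffic.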

In the next post, I will share more details on BGP Flow Specs for controlling DDoS attacks in a more dynamic way. This could be the next approach after RTBH.
