Defining DDoS and protecting against it

It’s a question we get regularly. “Do you guys protect against DDoS?” The question makes sense. Distributed Denial of Service attacks should be top of mind for business owners and network security professionals. The data bears that out.

Consider these statistics from a recent study on the state of the Internet by Akamai, one of the world’s largest Content Delivery Networks (CDNs). They compare numbers from the second quarter of 2014 to the first quarter of 2014.

Increase in total DDoS attacks from Q1 to Q2 2014: 7.13%

… What about 2015?

Increase in total DDoS attacks from Q1 to Q2 2014: 132.42%

Clearly, DDoS attacks should be a concern. But what is a DDoS attack? Judging by some of our interactions with potential customers, this is something we should take a moment and define.

Defining DDoS

Somebody at a trade show we attended once came up to us and the first question out of his mouth was, “Hey, do you stop DDoS?” So we began talking and could tell by the look in his eye that he wasn’t quite following what we were saying. So we asked him a couple follow-up questions, and it ended up that he wasn’t talking about DDoS at all. He was talking about somebody trying to brute force the login on his remote desktop server. That’s definitely a problem, but it’s not DDoS. So what is?

It’s using hundreds or thousands of devices from across the Internet to flood a network with so much legitimate traffic that it renders parts or all of a network unavailable for a period of time. It fills up the bandwidth, fills up the pipe. So you can’t get traffic out to all the routers and switches, things inside the system start freaking out, and you can’t get anything done. It’s really more about downtime than it is anything else.

Defending against DDoS

If you feel like you might be the target of a DDoS attack, there are a couple of things that you can do.

Make sure your providers are protected.

The first thing you need to do is contact your ISP and find out what type of DDoS protection they employ. You will also want to ask how they can help you if you do find yourself under attack.

If you have public-facing web servers or services, you might also consider cloud-based content delivery networks like CloudFlare or Akamai. Also, if you have moved any part of your network to the cloud, then you’ll want to contact your cloud services provider to make sure proper protection against DDoS is in place there, too.

Protect your own network as best you can.

The hardest thing about protecting against most DDoS attacks is that they use legitimate traffic to do their damage. Sometimes standard protection systems like firewalls, IPSs and IDSs — which are geared toward stopping malicious traffic — aren’t going to be as effective at protection. Still, those protections need to be in place, so make sure they are there, too.

