Recent Articles

Network Device Monitoring In Essentials 2007
The whole point of System Center Essentials 2007 (aka SCE) is delivery of the base elements of operations and systems management in a single console. It is important to remember, the features you know...

Security, HR And Corporate Secrets
Security and HR are more involved in keeping corporate secrets in the world of wikis, blogs, YouTube, and MySpace. Computer World is running an interesting piece about corporate data leakage and unregulated...

Information Security As An Open And Closed System
The world of information security is both an open and a closed system in light of the way that we share data. There are few that understand that the sharing of data is a vital component of information security, and...

Tech Upswing Leading To Decrease In Instructors?
I have been visiting colleges in the local Seattle area, and many of them desperately need adjunct faculty. Just when colleges need technologically well informed instructors, there is an instructor shortage happening...

App And Service Portfolio Management
A longstanding debate in IT service management is the relationship between Service and Application. Readers of my book and this blog know that I see an Application...


06.05.07


Bandwidth Needs Rise As DDoS Attacks Grow In Size & Complexity

By Paul Sop

Distributed Denial of Service (DDoS) attacks are an increasing concern of online organizations. In a DDoS attack, compromised PCs controlled by remote attackers, or botnets, inundate a network with the intent to crash its Web or application services.

DDoS attacks are increasingly easy to execute and reached as many as 10,000 per day worldwide, according to a 2006 Computer Security Institute survey. The size of the attacks is growing as well. In 2005, the largest DDoS attack was 3.5Gbps. Today, attacks are over 10Gbps, which is enough brute force to take out an entire hosting/co-location facility.

A large DDoS attack can quickly overload an organization's Internet connection, so that few if any legitimate requests can get through. When networks are saturated, network equipment becomes unreachable or unresponsive, rendering mitigation attempts difficult, if not impossible. In the face of a large attack, most Internet carriers have only one recourse to save their bandwidth costs and protect their customers from collateral damage: 'null route' the organization under attack, essentially taking it off the Internet. This is, of course, the intended goal of the attacker.

Today there are three types of DDoS attacks: 1) remote attacks, in which attackers send very small packets that crash the servers; 2) protocol floods that overflow bandwidth capacity so that no legitimate requests can get through; and 3) application attacks that hit servers with so many application requests that they fall over, along with their back-end databases, like dominoes.


The best defense against a remote attack is to ensure that Internet-exposed application servers are well patched and regularly scanned for vulnerabilities. Also, adding an in-line intrusion prevention system (IPS) can potentially save servers from zero-day compromises. Protocol floods and application DDoS attacks, however, require more complex architectural defense solutions. To mitigate these attacks, some organizations invest in commercial mitigation equipment. These devices typically sit in front of the servers they protect. Once deployed, they protect against many types of DDoS flood attacks and some application attacks. Unfortunately, no commercially available DDoS mitigation technology can successfully stop all attack types. Doing so requires an investment in multiple complex technologies, configured to work synergistically, which is no easy feat.



About the Author:
Paul Sop is Chief Technology Officer for Prolexic Technologies. He has 16 years of technology leadership experience in innovative and successful start-ups, 12 of those in information security. Prior to joining Prolexic, Paul founded RedWolf Security, a company focused on insider threat simulation, as well as Intellitactics, a market leader in security information management.

paulsop@prolexic.com

About CTOupdate
A collection of articles and news designed to keep professionals in the tech industry informed about the latest developments in an ever-changing landscape. Tech News and Updates for Tech Professionals.



 


-- CTOUpdate is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
© 2007 iEntry, Inc. All Rights Reserved



