Proactive steps to prevent DDOS?
Hank Nussbacher
hank at att.net.il
Mon Jan 29 07:27:26 UTC 2001
At 12:52 27/01/01 -0500, Jeff Ogden wrote:
>>At 4:15 PM -0800 1/26/01, Sean Donelan wrote:
>>Fine, does this work better for you?
>>
>>Help me, what proactive steps can I take to protect my network from a DDOS?
>
>There isn't a lot that can be done, but there are a few steps you can take
>to "get ready" for a DDOS attack.
>
> --Make sure you have monitoring of your routers or firewalls in place
> so you'll get an early alert of a possible DOS attack. This will at
> least allow you to start working on the problem (and drafting
> press releases :-).
> --Talk to all of your up stream providers so you know how to contact and
> work with them if they are a source of a DOS attack against you. If your
> up stream provider isn't willing to work with you on this, start the
> process of getting a new up stream provider.
>
> --Look into the systems that are being developed and starting to become
> available that help automate the work to diagnose DDOS attacks.
> Encourage your up streams to do the same.
I know of just Asta Networks:
Asta Networks claims cure for denial-of-service attacks, Jan 17, 2001
http://www.nwfusion.com/news/2001/0117ddos.html
Firm eyes DOS attacks, Jan 22, 2001
http://www.nwfusion.com/archive/2001/115979_01-22-2001.html
Can you elaborate on others you may know?
-Hank
> --Make sure you have in place the filtering on your own networks that you
> wish everyone else had in place on their networks. This won't protect
> you from being attacked, but it will prevent you and your users from
> attacking others (or at least using spoofed IP addresses to do so), and
> that in turn may prevent you from being the target of a retaliatory DOS
> attack. It can also prevent or limit the spread of a DOS attack that
> originates within your network or from someone down stream. From your
> customer's point of view there may not be much difference between
> you being the source of or the target of a DOS attack--either way
> performance is likely to be poor and customers are likely to be unhappy.
>
> -Jeff Ogden
> Merit
More information about the NANOG
mailing list