Solutions for DoS & DDoS
yuri at yurisk.info
Fri Dec 7 09:30:52 UTC 2012
I can think of few options here (basically restating what has been said
- Black hole routing on ISP side - just makes the client unreachable
outside ISP , available everywhere,
free. Not really a protection as aids the attacker in achieving his goal -
shutting down the client
- Managed DDOS As a Service on ISP side - ISP has a dedicated solution to
stop attacks on ISP premises (by dedicated I mean some hardware installed)
. Vendors vary (Arbor/Radware/etc..) and actually are not of much
importance to the end client - only SLA should be in place. Costs money,
advisable when undergoing non-stop/frequent attacks of moderate severity.
If an attack reaches gigabits bandwidth consumption the ISP may revert back
to Black Hole to protect its backbone and other clients.
- If speaking of web/email services - hosted solution is viable to some
degree (e..g Amazon AWS Cloudfront, Google Apps, CDNs etc) . IT is not a
DEDICATED hosted solution against DDOS, so be prepared for the provider to
shut down the client if the attack gets heavy enough
- Hosted web/email solutions WITH dedicated DDOS protection included,
including insurance that client will not be shut down on heavy load attack
(Prolexic etc) . Costs money (not cheap at all) and if your site is not to
be attacked like krebsonsecurity.com or fbi.gov probably an overkill.
Taking challenges one by one.
More information about the NANOG