Today we will look at how a DoS attack is done. It basically means redirecting a huge amount of traffic to a site so that the site hangs and cannot be reached.
Such an attack can mean a huge loss for any seller. For example, if a retailer is selling something and such an attack happens in the meantime, the retailer takes a loss whenever a customer was trying to reach the site.
There are four main types of protection from DDoS attacks:
* Do It Yourself. This is the simplest and least effective method. Generally someone writes some Python scripts that try to filter out the bad traffic, or an enterprise tries to use its existing firewalls to block the traffic. Back in the early 2000s, when attacks were pretty simple, this could work. But these days, attacks are far too large and complex for this type of protection. A firewall will melt quite quickly under the load of even a trivial attack.
* Specialized On-Premises Equipment. This is similar to “Do It Yourself” in that an enterprise is doing all the work to stop the attack, but instead of relying on scripts or an existing firewall, they purchase and deploy dedicated DDoS mitigation appliances. These are specialized hardware that sit in an enterprise’s data center in front of the normal servers and routers and are specifically built to detect and filter the malicious traffic. However, there are some fundamental problems with these devices:
• They are costly CAPEX purchases that may sit around and do nothing until you get attacked. They also can be expensive to operate. You need skilled network and security engineers to work these devices - there is no magic “mitigate DDoS” button.
• They must be constantly updated by the operations team to keep up to date with the latest threats. DDoS tactics change almost daily. Your team must be prepared to update these devices to the latest threats.
• They can’t handle volumetric attacks. It’s unlikely that an enterprise would have enough bandwidth coming in to handle the very large DDoS attacks occurring today. These hardware appliances don’t do any good when the attack exceeds network capacity.
* Internet Service Provider (ISP). Some enterprises use their ISP to provide DDoS mitigation. These ISPs have more bandwidth than an enterprise would, which can help with the large volumetric attacks, but there are three key problems with these services as well:
• Lack of core competency: ISPs are in the business of selling bandwidth and don’t always invest in the required capital and resources to stay ahead of the latest DDoS threats. It can become a cost center to them - something they have to provide, so they do it as cheaply as possible.
• Single provider protection: Most enterprises today are multi-homed across two or more network providers to remove the single point of failure of a provider. Having two providers is a best practice to maximize uptime. ISP DDoS mitigation solutions only protect their network links, not the other links you might have, so now you need DDoS mitigation services from different providers, doubling your cost.
• No cloud protection: Similar to the above, a lot of Web applications these days are split between enterprise-owned data centers and cloud services like Amazon AWS, GoGrid, Rackspace, etc. ISPs can’t protect traffic on these cloud services.
* Cloud Mitigation Provider. Cloud mitigation providers are experts at providing DDoS mitigation from the cloud. This means they have built out massive amounts of network bandwidth and DDoS mitigation capacity at multiple sites around the Internet that can take in any type of network traffic, whether you use multiple ISPs, your own data center or any number of cloud providers. They can scrub the traffic for you and only send “clean” traffic to your data center.
Cloud mitigation providers have the following benefits:
• Expertise: Generally, these providers have network and security engineers and researchers who are monitoring for the latest DDoS tactics to better protect their customers.
• Lots of bandwidth: These providers have much more bandwidth than an enterprise could provision on its own to stop the biggest volumetric attacks.
• Multiple types of DDoS mitigation hardware: DDoS attacks are extremely complex. There is a need for multiple layers of filtering to be able to keep up with the latest threats. Cloud providers should take advantage of multiple technologies, both commercial off-the-shelf (COTS) and their own proprietary technology, to defend against attacks.
Cloud mitigation providers are the logical choice for enterprises for their DDoS protection needs. They are the most cost effective and scalable solution to keep up with the rapid advances in DDoS attacker tools and techniques.
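The limits of the “Do It Yourself” scripts described above show up in a small per-source rate filter, added here as an example (it is not code from the original post). The thresholds, the capacity figure and the sample traffic are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_MS = 10_000          # sliding window length (assumed)
MAX_PER_SOURCE = 20         # per-IP request budget per window (assumed)
SITE_CAPACITY = 500         # requests per window the site can serve (assumed)

def flag_sources(events):
    """Source IPs that exceed MAX_PER_SOURCE requests within any window."""
    recent, flagged = defaultdict(deque), set()
    for ts, src in events:
        q = recent[src]
        q.append(ts)
        while ts - q[0] > WINDOW_MS:      # drop requests older than the window
            q.popleft()
        if len(q) > MAX_PER_SOURCE:
            flagged.add(src)
    return flagged

def peak_load(events):
    """Largest number of requests, from all sources, inside one window."""
    q, peak = deque(), 0
    for ts, _ in events:
        q.append(ts)
        while ts - q[0] > WINDOW_MS:
            q.popleft()
        peak = max(peak, len(q))
    return peak

def assess(events):
    """Apply the per-source filter and report what load still reaches the site."""
    events = sorted(events)
    flagged = flag_sources(events)
    passed = [e for e in events if e[1] not in flagged]
    load = peak_load(passed)
    return {"flagged": flagged, "peak_before": peak_load(events),
            "peak_after": load, "still_overloaded": load > SITE_CAPACITY}

# Constructed traffic (documentation address ranges, timestamps in ms).
NORMAL = [(k * 2000 + c, f"192.0.2.{c + 1}") for c in range(5) for k in range(5)]
ONE_NOISY_SOURCE = NORMAL + [(i * 30, "198.51.100.7") for i in range(300)]
MANY_QUIET_SOURCES = NORMAL + [(k * 1000 + s, f"203.0.113.{s + 1}")
                               for s in range(200) for k in range(10)]

if __name__ == "__main__":
    for name, ev in [("one noisy source", ONE_NOISY_SOURCE),
                     ("many quiet sources", MANY_QUIET_SOURCES)]:
        print(name, assess(ev))
```

The filter clears the first sample but flags nothing in the second, where every source stays under its budget and the combined load is still over capacity. It also only sees requests that have already crossed the enterprise's own link, which is the volumetric limit the list above describes.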
This blog was for educational purposes. Be safe from such attacks.