You can do the following things to minimize the impact of a DoS attack:
- Effective robust design
- Bandwidth limitations
- Keep systems patched
- Run the least amount of services
- Allow only necessary traffic
- Block IP addresses
Due to the power of DoS attacks and the way they work, nothing can be done to prevent a DoS attack entirely.
DoS and DDoS attacks, in combination with implanted malicious code, are easy to launch but difficult to stop completely. Because of the nature of TCP/IP and programming issues that are often overlooked, the current Internet is still vulnerable to various forms of DoS and DDoS attacks. As with many other security issues, there is no "silver bullet" solution to this.
- Timely application of patches and system updates, especially to potentially exposed machines. For example, update and maintain a current build of BIND on DNS servers.
- Deployment of only strictly necessary network services
- Intrusion detection systems
- Firewalls
- Anti-virus software
- Good password policies
- Use of Tripwire or other similar tools to detect changes in configuration information or other important files
- Paying heed to "Top 20" vulnerability lists provided by the information security community and evaluating these risks against one's environment
- Establishment and maintenance of regular backup schedules and policies
- As a network is only as secure as its weakest link, protection of mobile and remote machines with personal firewall/intrusion detection software
However, mitigating DoS or DDoS attacks requires good network design, so that the point of entry or the gateway can be controlled. To mitigate new attacks, it is essential to have filtering capability based on packet header and content, within the network or at the critical gateways, so that malicious traffic can be filtered in response to such attacks while waiting for a permanent solution from suppliers to be applied to the devices. Applying all known patches and fixes to all devices in the network is necessary to prevent known attacks. Finally, it is important to have the relevant references in policy and legislation to address DoS and DDoS, to ensure effective cooperation between service providers and law enforcement agencies.
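As an added example (not code from the original post), the sketch below shows how the "bandwidth limitations" and "block IP addresses" items can work together at a gateway: a per-source token bucket drops traffic above a set rate, and a source that keeps exceeding it is moved to a block list. The class name, thresholds and sample packets are all assumptions made for illustration.

```python
from collections import defaultdict

# All thresholds are assumed values for illustration only.
RATE = 5        # packets refilled per second, per source
BURST = 10      # bucket capacity, in packets
STRIKES = 20    # dropped packets before a source is blocked
COST = 1000     # one packet costs 1000 milli-tokens (integer maths, no float drift)

class Gateway:
    """Hypothetical gateway filter: per-source token bucket plus a block list."""
    def __init__(self, rate=RATE, burst=BURST, strikes=STRIKES):
        self.rate, self.cap, self.strikes = rate, burst * COST, strikes
        self.buckets = {}                # src -> (milli-tokens, last timestamp in ms)
        self.dropped = defaultdict(int)  # src -> packets dropped so far
        self.blocked = set()

    def handle(self, ts_ms, src):
        """Return 'pass', 'drop' or 'blocked' for one packet seen at ts_ms."""
        if src in self.blocked:
            return "blocked"
        tokens, last = self.buckets.get(src, (self.cap, ts_ms))
        # rate (tokens/s) * elapsed ms = milli-tokens earned since the last packet
        tokens = min(self.cap, tokens + (ts_ms - last) * self.rate)
        if tokens >= COST:
            self.buckets[src] = (tokens - COST, ts_ms)
            return "pass"
        self.buckets[src] = (tokens, ts_ms)
        self.dropped[src] += 1
        if self.dropped[src] >= self.strikes:
            self.blocked.add(src)        # escalate from rate limiting to blocking
        return "drop"

def constructed_traffic():
    """Constructed sample: one client at 2 pkt/s, one flooder at 100 pkt/s, 2 seconds."""
    pkts = [(i * 500, "192.0.2.10") for i in range(4)]
    pkts += [(i * 10, "198.51.100.7") for i in range(200)]
    return sorted(pkts)

def run(pkts):
    """Feed packets through a fresh Gateway and count verdicts per source."""
    gw = Gateway()
    verdicts = defaultdict(lambda: defaultdict(int))
    for ts_ms, src in pkts:
        verdicts[src][gw.handle(ts_ms, src)] += 1
    return gw, {src: dict(v) for src, v in verdicts.items()}

if __name__ == "__main__":
    gw, verdicts = run(constructed_traffic())
    print(verdicts, sorted(gw.blocked))
```

Per-source limits of this kind only help against a small number of noisy sources; a distributed attack spread over many addresses stays under each individual limit, which is why the post stresses upstream filtering and cooperation with service providers.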