What Are Distributed DoS Attacks?
Distributed denial of service attacks are one of the major pain-points of the modern internet. The good news is that even SMBs can implement robust protection against them without breaking the bank. Here is what you need to know.
There are two main kinds of distributed denial of service attacks
Modern distributed denial of service attacks can be broadly divided into two main kinds. These are infrastructure-level DDoS attacks and application-level DDoS attacks.
Infrastructure-level DDoS attacks are basically the modern version of old-school denial of service attacks. They aim to flood a website with fake traffic to render it totally unusable. The only real difference between modern, infrastructure-level DDoS attacks and old-school DoS attacks is that DDoS attacks use groups of computers chained together in botnets, whereas old-school DoS attacks only used a single computer.
This means that modern, infrastructure-level DDoS attacks are massively more powerful than regular DoS attacks. They are, however, not at all sophisticated. As a result, they tend to be identified and blocked very quickly.
Application-level DDoS attacks are much more sophisticated. These specifically target high-value areas of a website, typically the login page or the payment page. Instead of mounting an all-out attack in the style of infrastructure-level DDoS attacks, the cyber attackers aim to do the bare minimum necessary to render the page effectively unusable. They try to stay undetected for as long as possible to cause maximum damage.
The nature of application-level DDoS attacks is such that they are not only much harder to detect, but also much harder to remedy. This means that it’s really important to be prepared for them so you can respond quickly.
How to prepare for distributed denial of service attacks
There’s nothing you can do to prevent yourself from being targeted by DDoS attackers. There is, however, a lot you can do to protect yourself and your business from their consequences. Here is what you need to know.
Bandwidth is your best friend
If you’re running a business website, then you should buy as much bandwidth as you can reasonably afford. There are all kinds of reasons for this. Protecting yourself against DDoS attacks is just one of them.
If you’re on a tight budget then compare the cost of buying extra bandwidth with the cost of your website going down. If that’s not enough, then factor in the cost of being demoted in the search engine results because the search engines identify that your website has a slow load time. While you’re considering this point, remember that organic search results are a lot harder to build up than they are to destroy.
Ping tests can help you keep track of your server’s performance
Ping tests plus bandwidth are a powerful defense against DDoS attacks. In short, your ping tests will let you know that there is a problem with your server and your bandwidth will buy you the time to fix it. You don’t even really need a baseline of your server’s usual performance (although it’s nice to have). You can just decide what acceptable parameters are and investigate any time you detect that your server is operating outside them.
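The check described above, as an added example (not code from the original page): it times TCP connections instead of ICMP pings, since those need no special privileges, and flags the server when recent probes fall outside limits you choose. The thresholds, window size and function names are assumptions made for illustration.

```python
import socket
import time
from collections import deque

# Assumed example limits; pick values that suit your own site.
MAX_LATENCY_MS = 500.0   # slowest acceptable median probe time
MAX_LOSS_RATIO = 0.2     # largest acceptable share of failed probes
WINDOW = 10              # number of recent probes considered


def probe(host, port=443, timeout=2.0):
    """Time one TCP connect; return latency in ms, or None on failure."""
    start = time.monotonic()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return (time.monotonic() - start) * 1000.0
    except OSError:
        return None


class HealthWindow:
    """Keeps the most recent probe results and checks them against the limits."""

    def __init__(self, window=WINDOW):
        self.samples = deque(maxlen=window)

    def add(self, latency_ms):
        self.samples.append(latency_ms)

    def status(self):
        if len(self.samples) < self.samples.maxlen:
            return "warming-up"          # not enough data to judge yet
        ok = [s for s in self.samples if s is not None]
        loss = 1 - len(ok) / len(self.samples)
        if loss > MAX_LOSS_RATIO:        # too many probes failed outright
            return "investigate: loss %.0f%%" % (loss * 100)
        median = sorted(ok)[len(ok) // 2]
        if median > MAX_LATENCY_MS:      # server answers, but too slowly
            return "investigate: median %.0f ms" % median
        return "ok"


def evaluate(samples, window=WINDOW):
    """Feed constructed or live samples through a window; return each status."""
    w = HealthWindow(window)
    out = []
    for s in samples:
        w.add(s)
        out.append(w.status())
    return out
```

In live use, call `probe()` on a schedule from a machine outside your own network and pass each result to `HealthWindow.add()`; using the median means a single slow probe does not raise an alert.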
Firewalls are key to managing your traffic
Another vital purchase, even if you’re on a tight budget, is a subscription to a website vulnerability scanning service. These are offered by numerous vendors and each vendor will have their own take on the concept. Any decent option will, however, include an anti-malware scanner and a web application firewall.
Overall, you need both. For DDoS, however, it’s the firewall you need and you should be prepared to take the time to set it up so that it works for you. In addition to monitoring your traffic and alerting you when there is a threat, firewalls can also filter traffic. They can do this on the principle of whitelisting (only permitting traffic which is known to be safe) or blacklisting (banning traffic which is known or believed to be malicious). Often, they’ll use a blend of both approaches.
Setting your firewall’s filters appropriately can go a long way towards making it more difficult to launch DDoS attacks in the first place, especially infrastructure-level ones. Basically, you set up your firewall to reject any traffic which looks like it’s come from a bot. You must, however, remember to set exceptions for “good bots” like the ones used by the search engines.
cWatch DDoS Protection
Your firewall will also play a crucial role in defeating any DDoS attacks that are sent your way. Once you've identified their characteristics, you'll use your firewall to block them.