2/7/2012
01:53 PM

10 Strategies To Fight Anonymous DDoS Attacks

Preventing distributed denial of service attacks may be impossible. But with advance planning, they can be mitigated and stopped. Learn where to begin.

Consider 2011 to be the year that distributed denial-of-service (DDoS) attacks went mainstream.

Who's responsible? Blame Anonymous, according to a new report released Monday by security vendor Radware.

"Their major campaign, Operation Payback, during the WikiLeaks saga in December 2010--against those supporting the U.S. government--was the turning point that shaped the security scene in 2011," according to the report. In short, by distributing easy-to-use DDoS tools, such as low-orbit ion cannon, Anonymous popularized DDoS attacks.

But are DDoS attacks something that businesses and government agencies must simply endure, or can they be more actively resisted? In fact, organizations can take a number of steps to at least mitigate the effect that DDoS attacks have on their websites, servers, databases, and other essential infrastructure.

1. Know you're vulnerable.
One lesson from the use of DDoS by Anonymous--as well as its sister hacktivist group LulzSec--is that any site is at risk. That's not meant to sound alarmist, but rather simply to acknowledge that the hacktivist agenda can seem random, at best. Indeed, after Anonymous came along, "the financial sector, which had not really considered itself as a prime target, was hit and urgently forced to confront threatening situations," according to the Radware report. "Government sites had been targeted before, but 2011 saw a dramatic increase in frequency, and neutral governments that felt themselves exempt, like New Zealand, were attacked."

2. DDoS attacks are cheap to launch, tough to stop.
As the recent Anonymous retaliation for the Megaupload takedown shows, hacktivists can quickly crowdsource "5,600 DDoS zealots blasting at once," as Anonymous boasted on Twitter, to take down the websites of everyone from the FBI and the Justice Department to the Motion Picture Association of America and Recording Industry Association of America. "DDoS is to the Internet what the billy club is to gang warfare: simple, cheap, unsophisticated, and effective," said Rob Rachwald, director of security strategy of Imperva, via email.

3. Plan ahead.
Stopping DDoS attacks requires preparation. If attacked, "folks that don't take active measures to ensure the resilience of their networks are going to get knocked over," said Roland Dobbins, Asia-Pacific solutions architect for Arbor Networks, via phone. "They need to do everything they can to increase resiliency and availability." Accordingly, he recommends implementing "all of the industry best and current practices for their network infrastructure, as well as applications, critical supporting services, including DNS."

Comments
socratessaysno,
User Rank: Apprentice
12/13/2014 | 2:20:24 AM
No real information
From what I've seen, the article did absolutely NOTHING on actually providing any worthwhile or relevant information beyond failing horribly at trying to sound helpful.

After reading the comments, this website should fire the author of this article and fill it in with the comments. Going to try a few of them out on myself and see which ones I like best. The commenters were more helpful than this garbage article. I didn't realize we needed to be told how to use common sense.
Ogara7,
User Rank: Apprentice
2/2/2014 | 4:13:13 AM
re: 10 Strategies To Fight Anonymous DDoS Attacks
My friend got a guy to DDoS my Minecraft server too... I managed to talk to him and calm the situation down but I'm still concerned. My PC is 4 years old! It will never survive!
KyleT412,
User Rank: Apprentice
7/21/2013 | 5:44:20 AM
re: 10 Strategies To Fight Anonymous DDoS Attacks
I need a trick FAST. Apparently Anon is going to DDoS me on Monday D:. I own a Minecraft server and they came on and fucked it up so I DDoSed him for 5 mins. He said they will DDoS me and fry my router OR I have to pay them $800. And I'm 14 soooo ya.
seoarcher,
User Rank: Apprentice
1/26/2013 | 4:18:43 AM
re: 10 Strategies To Fight Anonymous DDoS Attacks
I also forgot to mention it is running PHP on a Windows machine, so .htaccess blocking will not work. I post some info here also: http://www.seoarcher.com.
seoarcher,
User Rank: Apprentice
1/26/2013 | 4:14:59 AM
re: 10 Strategies To Fight Anonymous DDoS Attacks
My http://www.seoarcher.com website is suffering badly from a DoS attack. The user is changing IPs daily so it's hard to stop. Any help, please...
jeandebogue,
User Rank: Apprentice
11/28/2012 | 6:04:55 PM
re: 10 Strategies To Fight Anonymous DDoS Attacks
It's because there is a trick to block the traffic before it reaches you. In fact there are more than just 1 trick.

If you are curious let me know and I'll let you know what it is.
Juffe,
User Rank: Apprentice
10/3/2012 | 9:46:46 AM
re: 10 Strategies To Fight Anonymous DDoS Attacks
You should also keep a close eye on the security logs for unknown username / password login attempts since they also consume CPU / RAM to manage. When it comes to Windows servers I personally recommend having a look at Syspeace ( http://www.syspeace.com ) and for Linux fail2ban. Also consider redirecting 404 and 403 errors on webservers to somewhere else, to Google or 127.0.0.1 or something.
davesg,
User Rank: Apprentice
2/8/2012 | 7:38:55 PM
re: 10 Strategies To Fight Anonymous DDoS Attacks
IMO most of this is fluff. If the bandwidth of a targeted DOS attack is larger than the pipe it is unstoppable. Really one of the things you mentioned, being friends with your upstream, and your upstream's pipe being bigger than the DOS attack's capacity is the only thing that will help you.
virtual,
User Rank: Apprentice
2/8/2012 | 5:55:13 PM
re: 10 Strategies To Fight Anonymous DDoS Attacks
There are other steps that companies and the government can take to stop hackers from breaking into networks, even the Chinese hackers.