Distributed Denial of Service (DDoS) attacks wreak havoc on thousands of websites globally every year. They cause extended periods of downtime that result not only in lost revenue but also in lost communications and connectivity, which has crippled countless corporate networks and brought a myriad of businesses to their knees. These attacks overwhelm a website’s ability to function as designed, but the good news is that there are remedies, both for predicting attacks and for giving website owners early warning.
Why do criminals launch DDoS attacks?
Their motives are sometimes political or financial, but some attacks are launched simply for bragging rights. Often, they’re launched to mask other crimes such as fraud and data theft.
The key to protecting your website is to be proactive
In much the same way that you think ahead to install locks on your doors to prevent unauthorized access to your business, and alarm systems to warn you of break-ins, employing DDoS protection enables you to detect and mitigate these types of Internet attacks. Let’s face it – not many businesses can survive extended periods of downtime if one of their primary sources of revenue is their website.
The basics of DDoS protection
Typically, DDoS attacks are identified and mitigated within your provider’s backbone, before the traffic ever reaches your network. With protection in place, as data flows to websites, malicious traffic is detected, routed elsewhere and dropped, while legitimate traffic is allowed to pass through.
What happens when an attack is detected?
When your DDoS defense infrastructure detects an attack (by monitoring specific IP addresses), mitigation procedures are initiated to scrub your traffic. Typically, an alarm is sent to your provider and to you, and the offending traffic is redirected to your provider’s scrubbing facility.
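The following is an added example, not code from the original article or from ProlimeHost: a sketch of the per-IP monitoring described above, where traffic to monitored addresses is bucketed per interval and an alarm fires when the rate exceeds both a floor and a multiple of a learned baseline. The monitored range, thresholds, function names and flow records are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumption: the protected range (RFC 5737 documentation addresses).
MONITORED = [ipaddress.ip_network("203.0.113.0/28")]

def is_monitored(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in MONITORED)

def detect(records, interval=10, alpha=0.3, factor=5.0, floor=1000, warmup=3):
    """Return alarms as (bucket_start, dst_ip, pps, baseline_pps).

    records: iterable of (unix_second, dst_ip, packets) flow summaries.
    An alarm fires when a monitored IP's packets/second in one interval
    exceeds both an absolute floor and factor x its learned baseline.
    """
    buckets = defaultdict(int)
    for ts, dst, pkts in records:
        if is_monitored(dst):
            buckets[(dst, ts - ts % interval)] += pkts

    baseline, seen, alarms = {}, defaultdict(int), []
    for dst, start in sorted(buckets, key=lambda k: (k[1], k[0])):
        pps = buckets[(dst, start)] / interval
        base = baseline.get(dst)
        if base is not None and seen[dst] >= warmup and pps > max(floor, factor * base):
            # Flood intervals are kept out of the baseline so a long
            # attack never becomes the new "normal".
            alarms.append((start, dst, pps, round(base, 1)))
        else:
            baseline[dst] = pps if base is None else alpha * pps + (1 - alpha) * base
            seen[dst] += 1
    return alarms

def sample_records():
    """Constructed flow summaries: steady traffic, then a two-interval flood."""
    recs = []
    for start in range(0, 70, 10):
        flood = start in (40, 50)
        recs.append((start + 1, "203.0.113.5", 60000 if flood else 2000))
        recs.append((start + 2, "203.0.113.9", 1000))
        recs.append((start + 3, "198.51.100.7", 90000))  # outside monitored range
    return recs

if __name__ == "__main__":
    for start, dst, pps, base in detect(sample_records()):
        print(f"ALARM t={start}s dst={dst} rate={pps:.0f} pps baseline={base} pps")
```

In a real deployment the alarm tuple would feed the notification and traffic-redirection steps; intervals with no traffic are simply absent here and do not lower the baseline.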
When researching DDoS providers, look for infrastructure that:
- First and foremost, can detect and identify an attack
- Performs packet scrubbing
- Can detect anomalies
- Is capable of blocking malicious packets on-the-fly
- Allows the safe passage of legitimate packets (your website’s business traffic)
- Isolates and redirects DDoS traffic floods within the provider’s network before they clog your site
- Prevents malicious traffic from reaching your network, rather than simply reacting to an attack.
What features should your DDoS protection provider offer?
- Provide attack notifications via pager and/or email. Ask if they provide SMS alerts
- Be capable of analyzing traffic and setting up email trap alerts
- Have robust infrastructure in place, including the devices/equipment necessary to mitigate an attack
- Provide monitoring for specific IP address ranges
- Offer some sort of portal access for reporting, to include anomalies, analysis and status updates.
Some tips on how to prepare for a DDoS attack
Obviously, once attacked, you’ll need a reaction plan, but here are some tips on how to ready yourself before that happens.
- Identify the personnel that are designated to remediate an attack
- Work with your provider to test your service at least once a year to ensure everything progresses as anticipated, including alerts
- Anticipate the resources you’ll need should an attack exceed normal expectations
- Keep your gateway architecture and mitigation settings up-to-date
- Ensure your DDoS protection provider understands how to mitigate current types of attacks
- Know upfront what capabilities your provider possesses
- Set up a means of communicating during an attack other than the IP-based services that may be affected. VoIP is a prime example of a service that may be affected
- Keep up with architecture as it evolves
If you’re under attack
Once under attack, refer to your plans and document all of the actions taken to mitigate the attack. Be sure to save all of the logs and captured packets, if possible.
Brought to you by ProlimeHost
We’ve been in the web hosting industry for ten years, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in dedicated servers, with data centers in Los Angeles, Phoenix, Denver and Singapore. The E3 1270 v5 processor is now available at great pricing, giving you the ability to add up to 64GB of DDR4 ECC RAM. Call +1 877 477 9454 or email us at Sales@ProlimeHost.com. We’re here to help.