Defenses Against DDoS Attacks Are Few, If Any

Tuesday, December 14, 2010



What can be done to protect your servers against a distributed denial of service (DDoS) attack? Very little, according to an article by ZDNet's Steven J. Vaughan-Nichols:

"There is actually is a way that would put an end to most DDoS attacks. It requires that all Windows-based botnets be ripped out by the roots. Too bad, that’s not going to happen... Windows is insecure by design and used by hundreds of millions and many of those users wouldn’t know an anti-virus program from Angry Birds. Millions of Windows computers, including maybe yours, are slave labor in one of the various botnets. Since we’re not going to be rid of Windows anytime soon and it’s not going to get any safer, the reality is that botnet-powered, brute-force DDoS attacks are only going to continue."

But, there are some precautions that Vaughn-Nichols recommends to lesson both the likelihood and the severity of a DDoS attack:

"In short, if you update your gateway servers, switches, and firewalls to their most recent operating systems you should be protected from attacks that rely on TCP/IP and TCP/IP stack implementation weaknesses. You should have been doing this along. If you haven’t been, run, don’t walk, to your server room and update your systems."

Other recommendations in the article include extensive bandwidth, but even then your server may be knocked offline if the scale of the DDoS attack is sizable.

It looks like DDoS attacks will be with us for some time, and the only viable remedy may have to come through the international cooperative efforts of law enforcement.


Possibly Related Articles:
Denial of Service Botnets Windows DoS DDoS Headlines Servers
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.