Describe the approaches used by commercial service managed providers to mitigate DOS attacks.
- [Voiceover] There are a number of managed service vendors that offer anti-DoS capabilities. CloudFlare is one of these. Offering a set of security solutions which are cloud-based, its strategy for preventing attack includes filtering black-listed sites, customer-side white lists, detecting attack signatures, web application firewall, and port filtering. Of particular interest, it offers network level DDoS protection by recognizing the common SYN, UDP, and ICMP flooding attacks.
It also offers application level attack mitigation, by managing traffic surges. CloudFlare leverages its knowledge of attack characteristics on one customer to then protect its customer community as a whole. Akamai is a well-known content delivery service through the cloud, and it offers one of the most popular DDoS protection services. Akamai's Prolexic network provides more than 2.8 terabits per second of attack mitigation bandwidth. It consists of six data scrubbing centers around the world with network capacity distributed among multiple tier-one carriers.
And can protect against all known types of DDoS attacks at the network, transport, and application layers. Google has launched Project Shield, a free service for websites which host news feeds. This service provides anti-DDoS protection through a reverse proxy. this receives traffic from the internet, checks it, and filters out back traffic using Google's proprietary methods, and sends safe traffic through to its destination. Project Shield also acts as a web server cache, enabling web pages to be served directly from Google's cloud infrastructure, rather than requiring delivery directly from its source.
This takes a significant load off a web server, whether that server is under attack or not.
Note: Our Ethical Hacking series will map to the 18 parts of the EC-Council's certification exam. This course maps to the 09 Denial of Service domain.
- What is denial of service?
- SYN flooding
- Smurf and URL flooding
- Deauthenticating a wireless host
- Flooding HTTP
- Using BlackEnergy
- Flooding SIP
- Detecting DoS with PeerShark
- Defeating DoS attacks