Universal Tips to Avoid DDoS Attack

There are some points that can help us carefully prepare our systems to avoid Distributed Denial of Service:

1- Prepare a simple and fast way to remotely reboot servers exposed to the external network (web servers, mail servers, application servers...). This can be done over SSH; we can also create a second network interface to access the server while the main channel is down.

2- Keep all software packages up to date, to protect our systems from DoS attacks that exploit bugs in the available services.

3- Restrict access to all admin services to authorized users only, for example by using IP restrictions for access to devices like firewalls, routers and other network devices, so an attacker will not be able to launch a DoS attack or brute force.

4- Monitor the traffic by installing network analysis tools (NetFlow) on the routers, to help identify an attack at an early phase and react as soon as it is detected.

5- Add the following lines to /etc/sysctl.conf:
# vi /etc/sysctl.conf
# Protection against spoofing (reverse-path filtering)
net.ipv4.conf.default.rp_filter = 1
# Send the first keepalive probe after 60 seconds of idle time
net.ipv4.tcp_keepalive_time = 60
# Repeat the probe every ten seconds
net.ipv4.tcp_keepalive_intvl = 10
# Number of unanswered probes before the connection is closed
net.ipv4.tcp_keepalive_probes = 5
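
An added example, not part of the original post: a small shell function that checks a sysctl.conf-style file for the four settings from tip 5 and reports any that are missing or set to a different value. The function name audit_sysctl and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a sysctl.conf-style file against the tip 5 values.
EXPECTED='net.ipv4.conf.default.rp_filter=1
net.ipv4.tcp_keepalive_time=60
net.ipv4.tcp_keepalive_intvl=10
net.ipv4.tcp_keepalive_probes=5'

# audit_sysctl FILE (hypothetical helper name)
# Prints OK / MISMATCH / MISSING per key; returns 0 only if all match.
audit_sysctl() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    printf '%s\n' "$EXPECTED" | awk -F= -v conf="$conf" '
        BEGIN {
            # Load the file: skip blank lines and comments (# or ;),
            # trim whitespace around key and value; the last assignment wins.
            while ((getline line < conf) > 0) {
                sub(/^[ \t]+/, "", line)
                if (line == "" || line ~ /^[#;]/) continue
                eq = index(line, "=")
                if (eq == 0) continue
                k = substr(line, 1, eq - 1); v = substr(line, eq + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
                seen[k] = v
            }
        }
        {
            if (!($1 in seen))       { printf "MISSING  %s (want %s)\n", $1, $2; bad = 1 }
            else if (seen[$1] != $2) { printf "MISMATCH %s = %s (want %s)\n", $1, seen[$1], $2; bad = 1 }
            else                     { printf "OK       %s = %s\n", $1, $2 }
        }
        END { exit bad + 0 }'
}

# Constructed sample: keepalive_time left at 7200, keepalive_probes absent.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not from a real host
net.ipv4.conf.default.rp_filter = 1
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_keepalive_intvl=10
EOF
audit_sysctl "$sample" || echo "audit failed: fix the lines above, then run sysctl -p"
rm -f "$sample"
```

Files under /etc/sysctl.d/ can also set these keys and are not read by this check, so point it at each file that applies on the host.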

Here it is very important to note that the listed methods aim only to reduce the risk of a DDoS attack. They can protect against small botnets, and you can consider your server 90% protected against these attacks. There are more sophisticated approaches, such as load balancing, which is extremely expensive: if a server fails, all new clients are redirected to a clustered server, which provides very high availability.
