Distributed denial of service (DDoS) are among the toughest problems IT administrators have to face. On the one hand, they don’t involve the loss of corporate data. On the other they can temporarily put the enterprise out of business. Tim Turner, the London-based CIO for a social media blogging site called LiveJournal often faces DDoS attacks. In an interview with NetworkWorld U.S. he offered tips on how to handle them. Images from Shutterstock.com

Early warning

Recognize when an attack is happening. That means having either an anti-DDosS system in your data centre or a contact with an anti-DDoS provider. If the latter, you have to have a good relationship with the provider, Turner says, so it’s ready to turn on deflection when needed.INSIDE Flood SHUTTESTOCK

 

Sharing is everything

Make sure your anti-DDoS provider shares data. Some won’t share botnet source addresses or other data that might profile the attacker. The provider and customer have to work well together because as the attack goes on decisions have to be made on strategies.

INSIDE Share SHUTTERSTOCK

Know what’s coming

There isn’t one kind of DDoS attack: Some target applications, others user SYN floods. Some combine techniques. You’ve got to understand what you’re dealing with in order to craft a solution. As expected, the blended attacks are the hardest to handle, says Turner.

INSIDE Insight SHUTTERSTOCK

Time isn’t on your side

DDoS attackers apparently have an eye on calendars when they strike LiveJournal: It’s been hit around holiday periods, perhaps thinking there are fewer IT staff around. And be prepared for surprises, like attackers trying to extort money to turn off their work. Turner says industries have to share more information about attacks.

INSIDE time, clock  SHUTTERSTOCK

Make sure the price is right

Pricing by DDoS providers can be complex, with some fees based on ensuring clean pipe, while others will charge even if your bandwidth isn’t completely clean. Be careful.

INSIDE Price tag SHUTTERSTOCK


Previous articleEight security takeaways
Next articleEase the pressure on IT security staff
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com