Distributed Denial of Service ~ FOG FLAMES

This is by far the most deadly of all denial of service attacks, since an easy fix is hard to come by. Instead of just installing the latest hardware and software, network administrators will usually need extra help with these types of attacks.A distributed denial of service attack, or DDoS, is much like the ping flood method, only multiple computers are being used. In this instance, the computers that are being used may or may not be aware of the fact that they are attacking a website or network. Trojans and viruses commonly give the hacker control of a computer, and thus, the ability to use them for attack. In this case the victim computers are called zombies.

A DDoS attack is very tough to overcome. The first thing to do is to contact your hosting provider or internet service provider, depending on what is under attack. They will usually be able to filter out the bulk of the traffic based on where it’s coming from. For more large-scale attacks, you’ll have to become more creative.

If you have access to your router, and are running a Cisco brand, enter the following command into your router command prompt: No ip verify unicast reverse-path.

This will ensure that attackers can’t spoof their IP address. This will still be a problem for zombie computers however, since those IP addresses aren’t spoofed at all. In this case, you can do one of several things.

Options in DDoS Prevention

1. Hire a security company to assess and repair the damage
2. Buy an intrusion detection system (IDS)

As a last resort, the traffic can be routed to a sink hole, which will route all traffic elsewhere until a solution can be obtained. This will route good traffic and bad traffic- so this is usually not a good choice