DDoS attacks: What they are and how to protect yourself
by Mirko Zorz - Monday, 24 June 2013.
Most of the time, people who DDoS have no idea how large a reaction they are generating. They are merely trying to achieve their goal of taking down the target. Well, CloudFlare publicized the size of this attack on a daily basis and it enlightened a whole new crowd to the method. Although it is believed that the CloudFlare final number of 300Gb/s was quite padded and that the real number was more believably around 100Gb/s, this was still a massive amount of bandwidth. As a result, tools popped up all over the place for scanning host machines to add to your database along with tools to execute the attack. This made the process so simple that a 10-year-old with Windows had the ability to point and click and, in seconds, generate a few Gb/s of UDP traffic.

The unfortunate truth is that EVERYONE is at risk. Sometimes people get attacked and they have no idea why! The source is often someone who doesn't like one’s business, perhaps a competitor or someone trying to extort money.

How important is intelligence gathering when it comes to mitigating the effects of a massive DDoS attack? What type of information are you looking for?

It is extremely important for the entire online community. Mitigating the attack only stops the attack from hurting one specific target, but if you can find the information that will lead to the C&C, this can be reported to several “white hat” groups who volunteer their time to dismantle these botnets so they cannot attack anyone else. It is also important to figure out who the attacker is, in the event that criminal prosecution can be pursued.

What are some of the lessons that you've learned when you mitigated large DDoS attacks impacting your clients?

I learned quickly that no attack is the same. There is no “one size fits all” device out there that will stop every attack. To be responsible, a person needs to have many different tools in his or her arsenal, sometimes used together along with some manual work, to stop some of the more intelligent attacks.

Never assume that you have seen an attack as big as it would ever get. But also, it is worth noting that size isn't everything. It can actually be the smaller attacks, the ones which look quite similar to normal traffic, which are the hardest to stop.

What advice would you give to organizations interested in getting DDoS protection? How can they make sure that they make the right choice when evaluating providers?

When evaluating any potential provider, look at their history. See how long they have been around and ask for some proof. Check their website for original content. There is a smaller company out there that is decently known, but their entire site is plagiarized from different companies who sell DDoS mitigation devices. If they cannot write original text on their own site, then I really would not have too much faith in them protecting my interests as a client.

What are the advantages of using GigeNET DDoS protection? What makes you stand out from the competition?

Without a doubt, our best asset is our experience. We are tried and true. I began defending DoS attacks in 1998 when we used to run a shell server and attackers would DoS other people off of IRC chats.

Paul, our network engineer, started the first fully dedicated DDoS protection company in the late 90's and pioneered many of the methods of protection. We joined forces in 2005 and have been at the forefront of the industry ever since.

