Preventing Distributed Denial of Service Attacks: Seven Best Practices

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Preventing Distributed Denial of Service Attacks: Seven Best Practices-8 Next

Do not wait for hackers; Get a regular checkup

Organizations cannot fix problems they aren't aware of. In order to identify issues, it's important to work with a specialist rather than taking the "free clinic" approach and trying to assess problems on your own. Specialists can perform assessments in three different scenarios: Black Hat, Grey Hat and White Hat.

A Black Hat checkup is when the specialist doesn't have any knowledge of the customer's environment and attempts to penetrate their system like a malicious attacker. Any previous knowledge is derived from research and resources that an actual attacker would have at their fingertips. A Grey Hat is when the "attacker" has limited knowledge of the company and its operation, and only utilizes information such as the website IP address or whether there is an IDS/IPS deployed. Finally, a White Hat checkup means that the hacker is provided with complete knowledge of the company, including internal and external IP schemes, IDS/IPS deployments, firewall deployed and network diagrams.

Finally, it's important to educate internal teams and frequently retest. By following these steps, organizations can identify risks, test vulnerabilities and work on patching proactively.

2014 is shaping up to be the year of the distributed denial of service (DDoS) attack. A DDoS attack is when malicious codes infect a computer, triggering mass attacks against targeted websites, making them inaccessible to regular users. If the attack is strong enough to affect network equipment at the perimeter of the target (e.g., firewalls), the entire network of the service under attack may stop responding.

A DDoS attack can be incredibly difficult to defend against despite the fact that it isn't considered very sophisticated. Many DDoS attacks succeed because organizations do not understand how to protect against them, and have not made it a priority. Security managers are generally well versed in choosing the most fitting technologies to counter threats such as intrusions, worms and Web application exploitations. But there is a common misconception among the security community that these same technologies can also be relied upon for DDoS protection. Perhaps the biggest misconception tied to DDoS attacks is that installing and running a single protective software on a well-known Internet platform or host is sufficient to keep the organization safe. This has been disproved in spades as recent attacks to major websites have rocked the IT community.

In this slideshow, Zensar Technologies has outlined the steps an organization can take in order to better protect itself as DDoS attacks continue to gain traction. These steps include a combination of anti-DDoS technology and anti-DDoS emergency response services.  

Zensar Technologies delivers comprehensive services in mission-critical applications, enterprise applications, e-business, business process management and knowledge services. Zensar has developed tools and methodologies, including the proprietary Solution BluePrint (SBP), which enables its clients with innovative business solutions and a rapid 'go-to-market' capability.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.