DDoS protection

DDoS protectionΒΆ

Criminals utilize various techniques such as attempted DNS reflection attacks or L7 HTTP floods involving large botnets to force organizations to pay a ransom. SYN, TCP, and HTTP DDoS attacks are the most popular. Attackers use NTP, SSDP, and RIPv1 amplification.

To mitigate DDoS attack:

  • Use a load balancing service.
  • Deploy an anti-DDoS solution in DMZ.
  • Cooperate closely with upstream internet service providers (ISP) and ISP CERT teams. ISP can help mitigate DDoS attacks with additional techniques such as BGP blackholing.