Targeted denial-of-service attacks on servers, computers or other components in the data network repeatedly paralyze websites and mail servers. It is not yet possible to protect yourself from this. What remains are various ways to withstand such attacks. One method is blackholing.
Experts warn companies and organizations again in the first quarter of 2020 against the sophisticated DDoS attacks. The number of the attacks has been in the same high level since the last three years. A dangerous trend in the quality and complexity of these attacks. Areas of attack include well-known websites such as Facebook and Instagram, which were unavailable to users for hours last year due to massive DDoS attacks. Effective protection is not yet in sight. And stopping the attacks is also hardly possible. They often last until they no longer have an effect.
Block Or Eliminate Malicious Traffic
If it is a simple DoS attack, this usually occurs from a single or very few IP addresses. These are usually relatively easy to identify and can then be blocked. This is often not sufficient for DDoS and DRDoS attacks due to the immense amount of data. In addition, the traffic in such attacks is so intelligently distributed that it sometimes takes several days to weeks to be identified. One way to withstand such attacks is to identify and eliminate the malicious traffic.
An exposed host analyzes the incoming requests, for example based on the signatures, sender addresses or protocols. It recognizes the real requests and forwards them to the server for normal processing. If the number of requests increases, there is a risk that the exposed host will reach its limits and additional exposed hosts will be required.
Decide In Individual Cases
Which measure is the best choice in the event of an attack depends on the individual case. It should be borne in mind that some methods require a little time in advance. For example when profiling, the time to create the activity profiles must be scheduled. The geographical distribution also only works with appropriate preparation. Traffic washing or scrubbing is now also possible. The bandwidths and resources required for this have been established. If customers have their own infrastructure or firewall, geoblocking can also be implemented very quickly.