Comments on: How to Prevent Denial of Service Attacks

By: Ibrahim Hudhaif

Ibrahim Hudhaif — Sun, 15 Nov 2009 12:51:47 +0000

First of, I don’t think buying IDS would effectively help avoiding DDoS. IDS is only after facts device and do not help to overcome such an issue.

IPS could be much better than IDS but still if you don’t have a good relationship with your ISPs by retaining an emergency contacts of the technical staff and proper procedure of what to do if that happen! Because it would a panic time… so some written documents should guide on what do!

By: Ramil

Ramil — Sun, 11 Oct 2009 10:59:26 +0000

I was told to help organize and prevent a DoS attack for a web-site for testing purposes. This was really helpful to start with. Great job! Tnx a lot.

By: Erin

Erin — Fri, 11 Sep 2009 12:32:32 +0000

DDoS attacks are done using the ping flood method.
No ip verify unicast reverse-path is only going to filter out the actual attacker but not all the zombies because they are coming from legit IP’s.
DDoS attack zombies sometimes are in specific geographic areas….so lets say some guys in Korea has it out for your company or website….and 90% of his zombies are in Korea….you can filter whole A or B blocks of IP’s…..if it is truly distributed….things get really hairy really quickly.

By: Eric

Eric — Tue, 11 Aug 2009 03:20:37 +0000

Well written but I hope you’re open to critizism.

You talked about all the details of the DoS attacks until you reached the DDos. At that point you just explained what a zombie is which really says nothing about the actual attack of each individual zombie, it only describes that you are being attacked from multiple vectors. Are those vectors using tcp syn, smurf, pod, fraggle, teardrop or what? I would expand on DDos a little more. Maybe cit examples like Kraken or Srizbi and what specifc methods they use.

By: varun naresh

varun naresh — Fri, 07 Aug 2009 14:46:03 +0000

This article is so awsome XD !

Amazing really !

well done !

By: Criminal Justice Collaboratory: CyberSecurity

Criminal Justice Collaboratory: CyberSecurity — Thu, 16 Jul 2009 23:04:12 +0000

[...] http://learn-networking.com/network-security/how-to-prevent-denial-of-service-attacks http://en.wikipedia.org/wiki/Denial-of-service_attack http://www.webopedia.com/TERM/D/DoS_attack.html [...]

By: Ulan

Ulan — Wed, 08 Jul 2009 11:02:04 +0000

Clear and simple explanation.
Thanks!

By: nkuba ngonga

nkuba ngonga — Sat, 30 Aug 2008 17:41:14 +0000

its the best article i have seen so far.keep it up. it helped me understand network security baics

By: shwe

shwe — Mon, 04 Aug 2008 23:50:46 +0000

very helpful.

By: lookman

lookman — Wed, 02 Jul 2008 09:59:46 +0000

Goodday,
This articles are well okay.