![]() Blocking specific IP addresses is also dangerous in that you may end up blocking all users sharing an IP address, even if many of those users are legitimate. It is important to remember that blocking IP addresses in this way may prevent legitimate traffic from those countries. Inversely, IP blocking adds a rule to reject traffic from specific IP addresses or IP ranges making it possible to create rules to disallow traffic coming from China or Russia. If the software is only meant to be used by US citizens, a rule could be created only to allow access to US IP addresses. The rule rejects any IP address outside that range. For instance, if the application is meant to be used only by employees of a specific company, a hardware or software rule could be created to disallow any traffic, not from a specific IP range. The simplest defense against a DoS attack is either allowing only legitimate IP addresses or blocking ones from known attackers. Early detection of an attack dramatically increases the efficacy of any mitigation strategy. Making sure your cloud provider makes scaling decisions based only on legitimate traffic is the best way to ensure your company is not spending unnecessary elasticity dollars due to an attack. Scalable cloud service providers are great (and may even "absorb" a DoS attack transparently) which is fantastic until you receive an enormous bill for bandwidth or resource overuse. Analyzing incoming traffic and determining whether or not it's legitimate is the first step in keeping your service available and responsive. The first step of any mitigation strategy is understanding when you are the target of a DoS attack. ![]() Most common mitigation techniques work by detecting illegitimate traffic and blocking it at the routing level, managing and analyzing the bandwidth of the services, and being mindful when architecting your APIs, so they're able to handle large amounts of traffic. Now that you know what DoS attacks are and why attackers perform them, let's discuss how you can protect yourself and your services. ← DOS Mitigation Strategies How to Mitigate DoS Attacks ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |