Preventing DDoS Attacks

A DDoS attack can be even more destructive to a server or network than a DoS attack. A DDoS attack, or a distributed denial of service attack, is launched from multiple hosts at the same time. As is obvious, this attack can be much more dangerous to a server due to the fact that the attacks are more widespread, can target multiple components on the server at the same time, and attack in parallel so that the server must try to prevent all these attacks at once. Needless to say, it is important to know what to do to prevent such attacks from damaging or taking down the server.

Here is a walkthrough of tips to use in order to decrease the risk of these attacks:

Prevent harmful packets from infiltrating the server - A good firewall should be installed to filter out potentially dangerous packets. Although potential attackers may eventually be able to get around it, a firewall can be used to filter out and protect the server against part or all of the DDoS attack

Keep resources under control - Many forms of DoS and DDoS attacks work because they use up resources and do not free them. For this reason, logs should be set to automatically rotate and old logs deleted so that this form of attack is under control due to the resources being constantly flushed and cleaned

Be proactive, search for damaging programs - Most DoS and DDoS attacks come from local users and clients. Use a program such as Cfengine to search for suspicious filenames and find programs that could be used to launch such attacks against the server before the attacks are launched

Those tips should be able to keep many servers from coming under attack in the first place. In case of an attack, mods such as Mod_dosevasive should be installed on the server. Mod_dosevasive, in particular, is an extremely potent module on the Apache web server that, when installed, can detect DoS and DDoS attacks and combat them accordingly, many times preventing the server from crashing. The usefulness of a method such as this does not need to be explained.