Mitigating cloud server risks during DDoS attacks

975 pts.
Tags:
Cloud Security
Cloud Services
DDOS
DDoS Protection
During recent DDoS attacks, the hackers are able to bring down all customers hosted on the targeted customer's service. Suggestions for mitigating that risk?
ASKED: January 31, 2011  3:59 PM
UPDATED: March 1, 2011  9:12 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Go with a cloud hosting provider that has greater bandwidth then the hackers that are attempting to bring down the service with a DDos attack. As an example in the recent wikileaks DDos attempts, the hackers called off their attempt to shutdown Amazon because they could not exceed the bandwidth/resources that Amazon possessed. There is nothing you can do about a DDos attack by a nation-state simply because only another nation-state would have the resources to counter them.

Ramsey-After thinking about this and considering all options there is a way to do it yourself if you had the resources. There is not a full need to go with hosted cloud solutions. If you have multiple branches in different physical locations you are just as strong as these big guys. Since each of your locations have different Public IP’s and most likely different ISP’s a ddos attack would have to flood and attack each of your ISP’s. With the different Public IP’s as long as you are monitoring your traffic and have backup Cloud Base at another location you just close the one that is being attacked and bring up the other to Master at your other physical location. Bam! That is the answer!

Discuss This Question: 5  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • RamseyB
    If this is a private cloud. Setup a firewall with Ingress and Egress filtering at the Border Gateway to keep information about network internal. The DDos attackers will go after weak computers so this will help hide flaws. Along with that, keep your computers security up to date and manage what internet services they are using, ie internet radio, IM, ect. Don't let them just open ports out so someone can get in. It is all about locking down. Cheers, hope this helps. Cisco has a good guide at http://www.circleid.com/posts/20090322_designing_secure_networks_cisco_technology_part_4/
    2,115 pointsBadges:
    report
  • saturno
    Hi, With all due respect, I tend to disagree with the above point of view. For me, it is a misconception to think that this kind of attack is only about bandwidth. Recently I read this article that for the time being I completely agree.
    4,585 pointsBadges:
    report
  • Garretsonr
    Indeed, hackers attempted to bring down Amazon's EC2 with DoS attacks, but as Compuware's Richard Stone notes in this blog post, Amazon suffered no downtime as a result. The performance-degradation ripple effects were clearly visible using the CloudSleuth performance monitor. But if you were an EC2 customer -- or a customer of any of the major cloud service providers with the scale to combat DoS attacks -- you should be able to sleep at night. --Rob Garretson About me
    10 pointsBadges:
    report
  • RamseyB
    After thinking about this and considering all options there is a way to do it yourself if you had the resources. There is not a full need to go with hosted cloud solutions. If you have multiple branches in different physical locations you are just as strong as these big guys. Since each of your locations have different Public IP's and most likely different ISP's a ddos attack would have to flood and attack each of your ISP's. With the different Public IP's as long as you are monitoring your traffic and have backup Cloud Base at another location you just close the one that is being attacked and bring up the other to Master at your other physical location. Bam! That is the answer!
    2,115 pointsBadges:
    report
  • Sixball
    (unless you're getting hit from both sides.. wah wah wah)
    8,515 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following