Appendix D. Mitigating Distributed Denial-of-Service Attacks

Distributed denial-of-service (DDoS) attacks are causing havoc in networks around the world, but in many instances there are steps that you can take to mitigate these types of attacks. This appendix attempts to detail some of the steps that you may take on network infrastructure routers to cause the least amount of harm in any network.

Understanding DoS/DDoS Attacks

Denial-of-service (DoS) attacks are common on the Internet. The first step in responding to such an attack is to find out exactly what sort of attack it is. Many of the commonly used DoS attacks are based on high-bandwidth packet floods, or on other repetitive streams of packets. Many of these attacks were described in Chapter ...

Get Designing Network Security Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.