Thursday, May 05, 2005
Mitigating a DOS attack
So what can be done when a DOS attack occurs? Can it be stopped or its effect mitigated? Well, lets look at a few options:
- Configure your router to block all outbound packets that have a source address that doesnt match your network subnet (this mostly helps when your network/machines are used to conduct an attack on someone else).
- You can use a combination of firewall and Intrusion Detection Software (IDS) to cut down on suspicious traffic.
- Restrict broadcast traffic.
- Rate limit your traffic. Rate limiting restricts the amount of bandwidth a specific type of traffic can consume at any given moment.
- Disallow broadcast ICMP packets through your router
Copyright Anand Jain 2004, 2005. All rights