'Net Features : ddos

Learn to Mitigate DDoS Attacks

Amberly Dressler — Wed, 20 Mar 2013 15:30:00 GMT

Despite being a method which has been used for more than a decade, Distributed Reflection Denial of Service (DrDoS) attacks have recently surged in popularity across a number of verticals.

Prolexic, which provides DDoS protection services, recently launched the first of several white papers that discusses and analyzes Domain Name System (DNS) Reflection attacks, specifically.

According to Prolexic, the DNS Reflection DrDoS technique exploits security weaknesses in the DNS Internet protocol, an important Internet feature that allows the public to type in human-friendly domain names instead of numerical IP addresses to access websites.

“DNS Reflection DrDoS attacks are an overlooked but dangerous DDoS attack method,” said Stuart Scholly, Prolexic President. “Prolexic is releasing this white paper to help make DNS server administrators, IT administrators and business leaders aware of this potential security threat against their networks. In addition, the white paper can help victims understand the technical details of what took place, so they can more quickly mitigate these kinds of DDoS attacks in the future.”

Prolexic explains this type of threat as when a cyberattacker leverages zombie computers in a botnet to send domain name requests to DNS servers in a way that causes DNS servers to send a flood of responses to a targeted domain. This kind of DrDoS attack can overwhelm and slow response times, or completely stop legitimate user access, and affects both the DNS servers and the targeted domain.

Additionally, a DNS Reflection attack is relatively easy for cybercriminals to launch, and takes advantage of security loopholes in the DNS protocol, the Prolexic Security Engineering and Response Team (PLXsert) warns. What’s more, it is difficult to pinpoint the source of a reflected DDoS attack, offering anonymity to the attacker.

The DNS Reflection Attack white paper explains DNS and how an attacker exploits the protocol to cause an outage. The white paper is available free of charge at www.prolexic.com/drdos.

Types and Tips for Online Security Threats

Administrator — Sat, 10 Nov 2012 16:11:00 GMT

By Americaneagle.com Chief Technology Officer, Ryan McElrath

There are many common threats against websites today. According to the National Cyber Security Alliance (NCSA) and McAfee, close to one in five Americans report being victimized by a crime that was committed over the Internet. Whether it is a social media website such as Facebook or Twitter, an e-commerce website or a company website, every online platform is vulnerable to security attacks. It’s incumbent upon you to be aware of these types of attacks and make sure you and your hosting company are prepared to handle them.

While online threats are always evolving, there are a few in particular that are currently popular among hackers:

1. There are Web application attacks where hackers exploit vulnerabilities within the website code or Web server security. Common techniques for this include SQL Injection and Cross-site Scripting. A hacker may use an attack like this to extract sensitive information (like credit card data) or post malware, which is then downloaded by unknowing end users of the site.

2. There are distributed denial of service (DDoS) attacks where hackers attempt to take a website offline by overwhelming it with traffic rather than trying to gain access to sensitive data. Botnets of potentially thousands (and thousands) of infected computers spread out around the world are typically used to launch these types of attacks that can last for multiple hours or even days. Outages caused by DDoS attacks can result in heavy financial loss, as well as significant damage to a company’s reputation.

3. There are also social engineering attacks where hackers trick humans into giving them privileged information over the phone or via email, which is then used to log into unauthorized systems. Phishing is an example of this – this is when a hacker sends an email that appears to be legitimate and tricks the email recipient into typing his or her login/password into a website that resembles the real site. The hacker then uses that login/password to gain access to the real website.

Within the last several years, Sony, LinkedIn, Zappos, Yahoo, the South Carolina Department of Revenue and several major universities have all been victims of security breaches that exposed the personal data of millions of people. Meanwhile, large-scale DDoS attacks have knocked a number of high-profile websites offline, including Bank of America, JP Morgan Chase, MasterCard, NASDAQ, the FBI and the CIA.

With each of these types of security attacks, companies need to be aware that no matter how large or small they are, hackers are constantly looking for weaknesses within websites.

Below are a few simple tips on how to reduce the risk of the most common threats that will pay tenfold in the long run:

1. Using a Web application firewall (WAF) is a very effective way to help defend your website against application attacks that attempt to extract sensitive data from your site. A Web application firewall sits in front of your website and filters all requests, blocking requests that match the pattern of common attacks such as SQL Injection and Cross-site Scripting. Imperva’s Cloud WAF is an affordable software-as-a-service (SaaS) product for small to mid-enterprise businesses that offers the highest levels of website security without requiring a large equipment investment.

2. A common misconception about distributed denial of service (DDoS) attacks is the idea that your Web hosting provider will be able to stop any attack against your website with the firewalls within their data center. The reality is that these attacks continue to increase with intensity and regularly overrun even the most powerful of firewalls, causing outages for your website. The best defense against these types of attacks is to have protection through a DDoS mitigation provider that can filter requests through their scrubbing centers before the attack reaches your site’s infrastructure. These scrubbing centers allow legitimate traffic to continue through to your website while stopping the attack traffic that is attempting to knock your website offline.

3. Organizations can better protect themselves against social engineering attacks by training employees on security issues and going over specific methods that hackers may use to trick them into giving up personal information. For example, some common techniques used by hackers include acting like an internal employee or pretending that they’re conducting a survey as a way to justify the types of questions they’re asking. It’s important for employees to know that if they’re suspicious of a call or email, to ask their manager before releasing the information.

Organizations should create an incident response procedure to be used in the event that your website’s security is breached. As part of the procedure, your organization should notify the necessary authorities regarding the attack. This includes your local FBI office as well as the major credit card associations if card data is exposed during the attack.

About the Author: Ryan McElrath is the chief technology officer of Americaneagle.com, which is a Web design and hosting company based in Park Ridge, Illinois. Some of their 5,000-plus clients include Hobby Lobby, New York Giants, NASCAR, Stuart Weitzman, Garrett Popcorn, Chicago Bears, Abbott Laboratories and the U.S. Army.

Learn Hacker Language, Decrease Risk

Amberly Dressler — Thu, 30 Aug 2012 15:00:00 GMT

In order to fight the battle of Distributed Denial of Service (DDoS) attacks, at-risk businesses need to be armed with the same tools as the bad guys.

Prolexic Technologies, a DDoS mitigation service provider, announced it has added an extensive glossary of DoS and DDoS terms to its online Knowledge Center, which will help Web workers understand the tools and methods hackers use to target organizations.

"When faced with a DDoS attack, confusion can quickly set in, especially when an organization's key IT personnel are unavailable," said Stuart Scholly, Prolexic's president. "Decision makers typically aren't familiar with these terms, but have to act fast. This glossary provides one more tool to help them promptly assess the situation and take appropriate action to mitigate any damage."

More than 60 common acronyms and technical terms used to describe these attacks are defined in the Glossary of Terms. The need for Web workers to familiarize themselves with these terms is growing, as according to the Prolexic Security Engineering & Response Team, such DDoS attacks increased 10 percent in Q2 2012.

"Malicious hackers already know this stuff," said Scholly. "They know the difference between a Layer 4 and a Layer 7 attack. When businesses and media can speak their language, too, it becomes more difficult to catch a potential target off guard."

To view the free glossary, click here.

Don’t Let a DDoS Attack Hijack the Holidays

Linc Wonham — Tue, 01 Nov 2011 19:30:00 GMT

Even though Halloween has passed, the next eight weeks can be a particularly scary time for all online businesses but especially retailers. E-Commerce companies are particularly susceptible to Distributed Denial of Service (DDoS) attacks during the fourth-quarter holiday season, as attackers like to cause the most chaos and make the largest possible financial impact.

Because a significant percentage of most retailers' annual revenues are made in the fourth quarter, a serious DDoS attack can be financially devastating.

“Last year we saw attack durations spike in the last three weeks of the year,” says Neal Quinn, vice president of operations at Prolexic Technologies, a leader in DDoS protection services. “Our data shows that the two highest average attack duration figures for the entire year – six days and almost eight days – were recorded during the last two weeks of the year. Typically, we see average attack duration of one to three days, so with longer attacks you can expect more downtime and more financial impact.”

To raise awareness of the increased potential for attack, Prolexic has launched a marketing campaign that suggests retailers put DDoS protection in place or re-evaluate the protection they already have, as it may not be sufficient to stop increasingly large and complex attacks.

“Many e-commerce firms obtain DDoS protection from their ISP, hosting provider or content delivery network,” says Michael E. Donner, chief marketing officer at Prolexic. “What many companies fail to realize is that against the more complex Layer 7 and SSL attacks that target Web applications, these mitigation services consistently fail to work. The campaign raises awareness of this little-known fact.”

The campaign is supported by a number of marketing assets that are available for download. In addition to two new white papers, “’Tis the Season – for DDoS Attacks” and “The Executive’s Guide to DDoS”, a case study on SpaFinder.com, a global online resource for spa and wellness services and products, is also available. Despite having DDoS mitigation services in place from its hosting company, the SpaFinder.com site was taken offline by a Layer 7 DDoS attack over the summer before Prolexic stepped in to mitigate the attack.