DDoS stands for Distributed Denial of Service. If a server is successfully hit by a DDoS attack, it denies service and can no longer handle further requests from PCs.
This means that, for example, an Internet website is no longer reachable because the associated server is overloaded with “DDoS queries”. There are different types and methods of DDoS attacks.
But how do you protect yourself from DDoS attacks?
DDoS protection for PC:
PCs are rarely the target of a DDoS attack, as they are usually “too unimportant”. However, things may look different with home servers like a NAS (Network Attached Storage). These can be set up so that they are accessible from the Internet.
Cybercriminals can then exploit vulnerabilities to transfer malware to the servers and encrypt private data. The attackers then usually threaten that the data will be lost unless they receive huge amounts of money. NAS manufacturer Synology has had such DDoS attacks in the past, in which the malware “IptabLes” and “IptabLex” was spread.
If you have a NAS system or a private server, you can do the following for DDoS protection:
- Disable Internet access to the server unless it is required.
- Restrict access from the Internet through IP restrictions, or allow access only from specific source IPs in a country.
- Use secure passwords for server logins from outside and enable automatic blocking after failed login attempts.
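The IP restriction and the automatic blocking from the list above can be sketched as follows. This is an added example, not code from a NAS vendor; the permitted networks, the thresholds and the sample events are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict, deque

# Assumed policy values (not from the article): permitted source networks,
# failure threshold, counting window and block duration in seconds.
ALLOWED_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]
MAX_FAILURES, WINDOW, BLOCK_FOR = 3, 60, 600

class LoginGuard:
    def __init__(self):
        self.failures = defaultdict(deque)  # ip -> times of recent failed logins
        self.blocked_until = {}             # ip -> time at which the block expires

    def check(self, ip, now):
        """Decide, before any password is checked, whether this source may try."""
        addr = ipaddress.ip_address(ip)
        if not any(addr in net for net in ALLOWED_NETS):
            return "deny-source"            # IP restriction
        if self.blocked_until.get(ip, 0) > now:
            return "deny-blocked"           # automatic block still active
        return "allow"

    def record(self, ip, now, success):
        """Store the login result and start a block once the threshold is hit."""
        if success:
            self.failures.pop(ip, None)     # a good login resets the counter
            return
        recent = self.failures[ip]
        recent.append(now)
        while now - recent[0] > WINDOW:     # forget failures outside the window
            recent.popleft()
        if len(recent) >= MAX_FAILURES:
            self.blocked_until[ip] = now + BLOCK_FOR
            recent.clear()

def replay(events):
    """Feed (time, ip, success) events through the guard; return each decision."""
    guard, decisions = LoginGuard(), []
    for now, ip, success in events:
        decision = guard.check(ip, now)
        if decision == "allow":
            guard.record(ip, now, success)
        decisions.append(decision)
    return decisions

# Constructed sample events: (seconds, source IP, login succeeded?)
SAMPLE = [(0, "203.0.113.9", False), (1, "192.0.2.10", False), (5, "192.0.2.10", False),
          (9, "192.0.2.10", False), (12, "192.0.2.10", True), (20, "198.51.100.7", True),
          (700, "192.0.2.10", True)]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

Note that the attempt at second 12 is rejected even though the password would have been correct: while a block is active, the source does not reach the password check at all.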
DDoS protection for servers:
The targets of a DDoS attack are mostly server systems that provide certain services on the Internet, such as a website or streaming service.
To protect your servers from a DDoS attack, you need protection that detects, filters and blocks the attackers' traffic, but forwards the “right” data requests from Internet users. There are two kinds of solution: On-Premise or In the Cloud.
During a DDoS attack, data is sent to the cloud-based servers for review and cleanup. Source: Kaspersky
- On-Premise: A device that filters out unwanted traffic is installed on the Internet connection, at the company or in the provider’s backbone.
Advantage: No network changes required
Disadvantage: Not suitable for large volumetric attacks
- In the Cloud: The cloud method comes in two options. The first: to protect individual servers, the company’s DNS entry is changed to a virtual address in the provider’s scrubbing center. Traffic is checked and forwarded only if it is OK. The second: to protect the whole network, the traffic is redirected to the scrubbing center via the BGP protocol. Approved traffic is then routed to the company via a GRE tunnel.
Advantage: Also suitable for large volumetric attacks
Disadvantage: Manual intervention in the network configuration necessary
- In addition, there are monitoring solutions that examine network traffic for signs of a DDoS attack.
Anti-virus maker Kaspersky, for example, offers protection against DDoS attacks. But there are also other providers on the Internet who specialize in it. You have to see which solution suits your company.