by Stephen Gates - Chief Security Evangelist for Corero Network Security - Friday, 27 February 2015.
As ISPs, hosting providers and online enterprises around the world continue suffering the effects of DDoS attacks, often the discussions that follow are, “What is the best way to defend our networks and our customers against an attack?”
Traditional techniques of defense include SYN-cookies, SYN-proxy, redirects, challenges, and of course the black hole routing technique to name a few. Most of these techniques have been around since the early 2000’s when DDoS attacks first began to surface.
For those that do not know much about black hole routing, (also called null routing) this technique involves creating an IP-traffic route that virtually goes nowhere. The packets destined for the null route end up in the bit bucket. Null routing is essentially available on every commercial router today and there is little performance impact to silently drop all traffic to a specific destination.
full article
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.