• DDoS Attacks (Distributed Denial of Service Attacks)

    What are DDoS Attacks?

    DDoS attacks (Distributed Denial of Service Attacks) are a method of disrupting a website and network. It is just one piece of the threat landscape, however. Online businesses and data center must be protected against all these threats - and not just the much-publicized DDoS attacks.

    The network layer can be targeted with volume flood attacks, network scans and intrusions that consume the network resources - making information unavailable for legitimate users.

    The server layer can be disrupted through port scans, DoS attack tools and other attacks that misuse the resources of the server.

    Finally, the application layer is vulnerable to a wide-range of attacks that exploit holes in the application security, consuming resources or executing malicious commands.

    Radware’s DDoS protection and DDoS prevention solution, DefensePro, helps protect against all these attacks, and the famous DDoS attacks, to stop data breaches, web vandalism and service shutdown.

    What happens during an attack?

    During distributed denial of service attacks on any of the layers mentioned above, there is an attempt to stop legitimate visitors from accessing the data normally available on the website, access private data, vandalize a site, or completely shut down a service. This can happen to sites and businesses in any industry - from financial services such as banks to e-commerce or B2B.

    During the attack, the attackers may flood a network with requests and information. Flooding can be accomplished by a dedicated group of attacker voluntarily using their own machines - such as distributed denial of services attacks from a "hacktivist" group or other organized entity - or they can hijack machines to use for the attack. They may also scan applications and servers for possible exploits, or attempt to force access to sensitive data.

    The motives for attack may differ - from "hacktivism" to criminal intent - and the methods can change. A robust security suite is necessary to ensure that your networks and sites are protected from the latest advances in this constantly evolving landscape. Radware DefensePro keeps your assets protected from intruders and hackers with fast updates and responses to new methods of attack.

    How do you recognize these attacks?

    The symptoms of DDoS attacks are simple - the network being attacked will operate slowly, and servers will begin to crash. Access to the network will be minimal and lag. An attack is not the only issue that can slow network performance or crash a server, but it is a common one.

    Distributed denial of service attacks will often use the same type of request or traffic over and over throughout the attack, which can help identify whether an attack is taking place. An unusually high number of requests from a certain packet type - for instance, ICMP - is a good sign that a distributed denial of service attacks are underway.

    Security solutions, such as DefensePro and Radware’s web application firewall, AppWall, we can help administrators identify this traffic. In many instances, these security solutions can identify unusual requeststhat often mark DDoS attacks and help implement DDoS mitigation strategies before the damage is done.

    Other distributed denial of service attacks may be more difficult to diagnose or present different symptoms. This is why a comprehensive security solution is a necessity.

    How Do You Prevent Distributed Denial of Service Attacks and Other Attacks?

    Radware’s application security and network security products help administrators stop potential distributed denial of service traffic before it can cause damage. Using patented-technology, application firewalls and web application security products from Radware identify and stop suspicious traffic. Administrators have full visibility into this process so they can assess the potential threats and sources. Radware Attack Mitigation Systems include protection at all levels:

    Distributed Denial of Service Protection:

    Our modules protect against the wide-range of flood attacks, including UDP, TCP, ICMP, IGMP and SYN flood attacks.

    NBA:

    A sophisticated network behavior analysis module helps prevent misuse of resources which can indicate an HTTP page flood attack, a DNS attack, brute force attacks and malware propagation.

    IPS:

    The intrusion prevention system works to keep your system safe from application and OS vulnerabilities and exploits, including trojans, worms, bots, spyware and other attacks.

    Reputation Engine:

    Protect your assets against financial attacks like phishing campaigns and more.

    WAF:

    Finally, the WAF module protects against SQL injection, XSS, cross site request forgery, and cookie poisoning.

    Explore your DDoS protection solutions with Radware today to protect your services.