What’s one of the worst tribulations that can befall a website? How about it being unreachable? And not because the server is playing up, or the host is off for scheduled maintenance, but because of DDoS. Hosting providers, especially those offering budget solutions, have one problem in common with regard to the ever-so-popular floods: one client gets hit… and everyone on the same infrastructure is forced to suffer.
The problem is not new, but DDoS attacks are gaining momentum, and it would be a good idea to do something about it before customers fly off to a better, DDoS-free place. The least you can do is give them an option to subscribe to mitigation while staying with you.
So, what can you do about it? We’ve put together a quick action plan for such occurrences:
Crucial to any anti-DDoS countermeasure is the ability to estimate the scope of the attack and to “isolate” the victim.
Find out which services are being targeted. Is it client webserver(s), DNS servers, mail servers, network nodes, etc.? Usually this is done by checking the NMS for traffic spikes on switch ports, congestion, and CPU/RAM usage spikes on all machines and network nodes. If there is no NMS, or it is inaccessible, this is done by checking each node and link separately. If possible, determine the type of the attack (what protocol is being used) and how it compromises the targeted service.
Take Basic Measures To Block The DDoS Attack
After determining the target and type of the attack, try to find the source by using packet sniffer tools to see the source IP addresses of the packets. If applicable, try blocking the traffic as near to its source as possible. If the source is within the data center where your equipment is located, contact on-site personnel with evidence and ask them to block the attack before your uplink or terminate the misbehaving customer. If the source cannot be determined, ask your upstream provider whether they can provide details on where the malicious traffic is originating and whether it can be blocked before entering your networks.
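The triage described in the two steps above, as an added example that is not part of the original article: it reads packet-sniffer output, names the service receiving the most packets, and checks whether a few source addresses account for most of that traffic. It assumes lines shaped like `tcpdump -nn -q` output for IPv4 TCP/UDP; the sample capture, the `triage` function and the 0.8 threshold are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample shaped like `tcpdump -nn -q` output (documentation addresses only).
SAMPLE = """\
12:00:00.000101 IP 203.0.113.5.40001 > 198.51.100.10.53: UDP, length 512
12:00:00.000140 IP 203.0.113.9.40002 > 198.51.100.10.53: UDP, length 512
12:00:00.000177 IP 203.0.113.5.40003 > 198.51.100.10.53: UDP, length 512
12:00:00.000201 IP 192.0.2.77.51514 > 198.51.100.20.443: tcp 0
12:00:00.000233 IP 203.0.113.9.40004 > 198.51.100.10.53: UDP, length 512
12:00:00.000260 IP 203.0.113.5.40005 > 198.51.100.10.53: UDP, length 512
12:00:00.000298 IP 192.0.2.44.40006 > 198.51.100.10.53: UDP, length 512
12:00:00.000320 IP 192.0.2.78.51999 > 198.51.100.20.25: tcp 0
12:00:00.000355 IP 203.0.113.9.40007 > 198.51.100.10.53: UDP, length 512
12:00:00.000391 IP 203.0.113.5.40008 > 198.51.100.10.53: UDP, length 512
"""

LINE = re.compile(
    r"^\S+ IP (?P<src>\d+(?:\.\d+){3})\.\d+ > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): (?P<proto>tcp|UDP)\b"
)

def triage(capture, top=2, threshold=0.8):
    """Return the busiest destination service and who is sending to it."""
    by_target = defaultdict(Counter)  # (dst, proto, port) -> Counter of source IPs
    total = 0
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # ICMP, IPv6, fragments etc. are outside this example
        by_target[(m["dst"], m["proto"].lower(), int(m["dport"]))][m["src"]] += 1
        total += 1
    if not total:
        return None
    (dst, proto, port), sources = max(
        by_target.items(), key=lambda kv: sum(kv[1].values()))
    hits = sum(sources.values())
    top_sources = sources.most_common(top)
    return {
        "target": f"{dst}:{port}/{proto}",
        "share_of_traffic": hits / total,
        "distinct_sources": len(sources),
        "top_sources": top_sources,
        # True: a few addresses dominate, so a source-based block is realistic.
        # False: widely distributed or spoofed; take it to the upstream provider.
        "blockable_by_source": sum(n for _, n in top_sources) / hits >= threshold,
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The per-source counts are also the evidence to hand to on-site personnel or the upstream provider when asking for a block.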
Look for and Obtain External Help
If the results from the above steps are still not satisfactory, it is best to seek professional help from a DDoS mitigation company.
Until the day when a miraculous and free cure for DDoS attacks is invented, you’re probably better off doing something about it yourself, protecting your customers and your reputation.