No company should feel they are 100% secured against DDOS Attacks and it should have a proactive process in order to ensure their systems are not compromised. Even bloggers get this attention nowadays, as in the case of Darren Rowse at Problogger.net who suffered a DDOS Attack on his site on 28 Feb 2006.
In the latest spate of DOS attacks, bots are sending queries to DNS (domain name system) servers with the return address pointed at the targeted victim. As a result, the DNS server, rather than the bot, makes the direct attack on the victim. So far, Verisign says 1,500 separate Internet Protocol addresses were attacked using this method.
Under a more common DOS attack, a network of bots, or compromised PCs commandeered by remote attackers, directly inundates a victim's Web server, name server or mail server with a multitude of queries. The goal of a DOS attack is to crash the victim's system, as it tries to respond to the millions of requests. Both Windows and Non-Windows are included in this context and IT Managers should set up a Security event management system to alert them on unusual spikes in CPU or Network activity.
Some Security event management software :
1. NetIQ's Security Manager
2. ArcSight Enterprise Security Manager
Comment Preview