Share
Explore BrainMass

DoS and DDoS Detection, Prevention, and Mitigation

I need to write an 7-10 page research paper on security methods to prevent, detect and mitigation techniques to avoid various DoS and Distributed Dos attacks.

Solution Preview

This is a very broad subject, so I will attempt to give you a high level overview of things you should focus on and then will provide you with some good industry links for research material.

Detection:
Detection of DoS and DDoS can range from the obvious of your network being shut down to event logs showing a lot of traffic.
1. Create a baseline of traffic. This will allow you as the administrator to know what out of the normal traffic is for your site or your network
2. Use the command lint tool netstat -an This allows you to see all connections to a host. If you see a lot listed as time_wait from unkown IP Address you may be under attack
3. Check event logs for traffic from unknown IP Address

Mitigation
1) Keep firewall rules current. A good rule of thumb for security is deny all and only open traffic to known ports and from known IP Addresses. Sometimes this just isn't possible, so in these situations it may be ...

Solution Summary

A brief overview of how to prevent, detect, and mitigate DoS and DDoS attacks with references.

$2.19