Proven Practices For Securing Your Website Against DDoS Attacks
description
Transcript of Proven Practices For Securing Your Website Against DDoS Attacks
Proven Practices for Securing Your Website Against DDoS Attacks
Kevin Beaver, Principle Logic, LLC Andrew Sullivan, Dyn
A bit about Kevin Beaver
● Independent consultant 25 years experience in IT –
19 years in information security Focus on performing technical
security assessments ● Expert witness
Data breaches, security best practices/due diligence, compliance, and intellectual property cases
● Speaker ● Writer
● Creator/author of Security On Wheels audiobooks & blog
(securityonwheels.com)
A bit about Andrew Sullivan
● Director of Architecture for Dyn, an Internet performance company ● 15 years in the Internet industry ● Co-author of the DNS 64 specification ● Active in the Internet
Engineering Task Force ● Member of the Internet
Architecture Board
Insanity is…
“Doing the same thing over and over again and expecting different results.”
-‐Albert Einstein
Defining the term
More than one soft underbelly
P SYN floods P UDP amplification P Botnets SYN floods
UDP amplification
Botnets
Botnets are cheap and easy!
Why do they do it?
The main driver
Common vulnerabilities
How do DNS attacks work?
Someone else performs attack
Response size is key
In the words of Kevin…
“You cannot secure (or respond to) what you don’t understand.” -‐Kevin Beaver
Situational awareness
Additional Resources
● Kevin’s website: principlelogic.com/resources
● Kevin’s blog: securityonwheels.com/blog
● Kevin’s audio programs: securityonwheels.com
● Kevin’s latest books:
● Three Ways Companies Can Avoid DDoS Attacks (webinar) brighttalk.com/webcast/10729/113345?ContentHub
● DDoS 101 (video): dyn.com/dynedu what_is_a_ddos_attack/
● The Cost of a DDoS Attack (whitepaper) pages.dyn.com/evaluating-cost-of-ddos.html
Your plan of action
“Before everything else, getting ready is the secret to success.”
-‐Henry Ford