Many people have asked me how to evade DOS and DDOS Attacks. In this short discussion, I'd like to explain how I protect my applications or systems from DDOS Attacks.This article is intended for advanced Software developers and IT people, but feel free to read it even if you're beginner. Someday, it might be useful for you.In case you don't know what DOS and DDOS attacks are: DOS stands for Denial of Service and DDOS stands for Distributed Denial Of ServiceBoth of these mean that an attacker wants to attack the server and make it unavailable. When a server or website is not available, we can't use the services offered. Many IT people are scared of this kind of attack.All software developers and IT experts work on improving the overall security, stability and availability of their systems and applications. Yet, sometimes they stumble upon a problem and know the issue, but they can't fix it without losing something else.For example, you may be aware that when you protect your systems from DDOS attacks, you usually improve the availability and stability of your servers, but might often decrease the performance of the application.DDOS attacks are becoming a common way to bring websites and servers down with little effort. They're easy to be executed and pretty hard to protect against, which is why they are so popular and widely used.Let me explain what happens when an attacker DDOSes a server. Because the attack is Distributed, it means the attacker uses thousands of unique IP addresses (usually anonymous). He sends many requests repeatedly from every IP to a server at the same time. The server wants to process every request and send responses with the services it provides to every one of them. But, because the server gets too many requests in a short time, the requests can't be processed. The server crashes and becomes unavailable.The basic indication of a DDOS attack is when you get too many requests from many IP's in short time.When you want to fix that, it's good to know there are some basic methods for protection. Yet, the only thing that you can do to prevent such an attack is to block the response to the attackers. When you're attacked, you'll have no control over the requests from the clients (attacker IP's). You have to identify the attacker as early as possible after the requests have been received.I recommend 2 ways of protection; choose the one that your situation:
1. Buy a Hardware Firewall with DDOS protection and connect it to your configured server.
or
2. Make a DDOS Filtering solution in your software platform and use it.
I'll describe my second option so you can get an idea of how to protect from this kind of attack.To catch the requests as early as possible, an HTTPModule is the right place to start. The HTTPModule is executed before any page or any other handler, so the impact on the server can be minimized. The HTTPModule should monitor all requests and block the requests coming from IP addresses that make many requests in a short period of time. After a while, the attacking IP address gets released from blocking. The non-attacking IP's are still served with the services they need.The module I'm going to show to you works with high performance and lightweight protection from DDOS attacks. It's very easy to implement. In my example, I will explain a solution in ASP.NET.In order to implement this module, you should:- Add the following lines to the web.config <system.web> section:
< httpModules >
< add type = " DosAttackModule " name = " DosAttackModule " />
</ httpModules >
- Then, Download the script from this URL (http://goo.gl/vYcsBp) and put the script into the App_Code folder in your solution.If everything is done properly, your application will now handle the attacks and your server will have some protection. It will never allow over-processing.- You can now test your website/server to see if it's filtering attacker requests. If you're a software developer, you could leverage the concept of this script to make your own script in your platform/programming language. I hope you like my tutorials and find them useful.Feel free to support my work and learn free.I am Dragan Ilievski, Bachelor of Computer Science and IT freelancer in many IT areas.
