Blog


← Back to BLOG

12
Jan
2020
What’s a Distributed Denial of Service Attack DDos?

What’s a Distributed Denial of Service Attack DDos?

Posted by navitend

When an on-line retailer experiences an "outage", it is often the result of a Distributed Denial of Service attack -- or DDOS. 

DDOS atacks are the result of an excessive number of web requests against a single property -- kind of like a coordinated boycott, but in reverse. Because everyone goes to the store at the same time, no one can get in -- more or less.

The way these attacks are carried out involves the use of "bot nets" -- this is where attackers compromise computers, routers, security cameras, set top boxes, etc. They lie in wait like a "sleeper cell", and then at some point they are "activated" to carry out an attack. You don't want your devices to be part of these networks!

In order for one of these attacks to take place, two things need to take place.

First, the infection -- a device is infected and then continues to perform its usual and ordinary function until commanded to perform its nefarious task.

Second, a command is issued to the infected device to carry out its task.

This approach is generally referred to as "Command and Control", or C & C.

How can we defend against this?

Healthy network security involves a concept known as "Defense in Depth".

Defense in Depth means that you have multiple layers of security. Each layer has a purpose and there are often overlapping layers and controls.

One of those layers is to protect your DNS lookups. In particular, you want to make sure that your networked devices cannot receive messages from C&C servers. 

One of the tactics used by C&C networks is to register domain names and rapidly shift traffic such that any given server only exists for a brief period of time and then moves on -- kind of like a drifter moving in and out of motels. Here for a day, and then gone.

One of the layers you can use to defend against this kind of attack is to employ a DNS filtering service such as the one navitend offers to its clients. One of the features of this solution is that it blocks known bad-acting domain names and even blocks domain names which have been registered less than a couple of weeks. If it is a "new" website, you likely don't need to hit it for a couple of weeks. Blocking this traffic is one more step in the Defense in Depth strategy of keeping your network safe.

 

Make your life easier …….

Contact us at 973.448.0070

CATEGORIES

TAGS

zoom workplace working remotely working from home website voip training technology sophos solutions solution security scam risk remote user remote access remote policy policies phones phone phishing password mobile microsoft 365 microsoft information technology information security information hipaa employee training email data security data cybersecurity cybercriminals cyber security cyber insurance cyber attack cyber covid-19 coronavirus consulting computer compliance community communication cloud business backup

Archives

Testimonials

  • "I look forward to working with you again in the future. Once again, thanks to your organization for your prompt response."

    Luke Wolters / Luke Wolters Tax Consultants

  • “Navitend’s expertise helped our firm over the past year to effectively elevate our I.T. game, powering our website into a highly interactive tool. Well done to Frank and his team!”  

    Chuck Steege, CFP®, CEP, President, SFG Wealth Planning Services, Inc.

  • "We've dedicated our lives to growing our retail and ecommerce business and it's a relief to have found a company like navitend who treats our business likes it's their own. navitend's personal approach to project management and problem solving are top-notch."

    Stamatis, Co-owner Twisted Lily, Fragrance Boutique and Apothecary

  • "Thanks so much again for taking care of everything in such an expedient manner. It's a pleasure to work with navitend and its staff as always!"

    Lawrence Wolfin / Textol Systems, Inc.

  • "navitend has been a great IT partner for our company.  Their helpdesk response time is the best I have experienced in my 30 year career.  navitend has helped me to have great IT services without the need to have a full time, in house, technician at significant savings to our company."

    Bob Bradley, President, Bradley Graphics

  • navitend’s approach to customer service is greatly appreciated here.  Ensuring that we are well protected from a technology standpoint provides us with peace of mind to continue our day to day operations and that they are looking out for our company's best interest. 

    Debbie

  • "Thanks so much!  You are a class act!  
    You and your team have really done an excellent job on this!"

    Steve Van Ooteghem, The C12 Group in Houston, Texas

  • "Our company is more efficient and has grown as a result of navitend’s work. navitend helped us get to the next level."

    Greg Niccolai / Madison Insurance

  • "I appreciate that they didn’t just build the application. They made it better by bringing ideas to the table that not only made for a better user experience, but also kept the development costs down."

    Andy Lynch / North Star Marketing