Blog post

More on DoS and Shared Security

By Anton Chuvakin | May 29, 2012 | 2 Comments

securityDenial of Servicecollective

Here is something else interesting about Denial of Service defense approaches: you cannot do it alone.  Think about it: it is more profound than it sounds. You can protect from buffer overflows and SQL injections on your own.  And, yes, occasionally you’d need a patch from a 3rd party (such as your software vendor), but you can usually  block the the impact of an attack using other technologies even if you don’t have a patch yet.

On the other hand, if your network pipe is full, you cannot do anything [on your own] to make it not be full. No matter what you do in your environment, your connectivity is still down, whether inbound or outbound. In fact, this post exists on the nexus of my research into Denial of Service and collective analytics/ data sharing.

So, at the very least your DoS defense responsibility is shared with your Internet Service Provider (ISP). In other cases, it is shared with your cloud provider. Or, it can me shared with a Content Delivery Network (CDN) or other entity. In essence, these are the scenarios of DoS protection sharing:

  • Your organization + your ISP (they can mitigate the attack when a network pipe from you to them is full; in most cases you’d need to detect it first though)
  • Your organization + your cloud provider (do you realize that if you use SaaS to achieve  a particular business function, such function can be denied by a) DoS’ing your network, b) DoS’ing your provider [or: DoS’ing them enough so that they drop you as a customer…] or c)DoS’ing your link to them)
  • Your organization + your CDN (if you accelerate your web presence by using a CDN, they become an inherent part of your DoS defense arsenal)
  • Your organization + specialty anti-DoS provider (and, yes, if your anti-DoS provider is itself DoS’d, you are ..ahem…”denied your anti-DoS service” … ironic,isn’t it?)

Thus, DoS defense requires sharing. As I pointed out, it is likely that we will be sharing more than just bandwidth for doing many security things in the coming years…

Related posts about Denial of Service:

Related posts on shared defenses:

Comments are closed

2 Comments

  • Thank you for providing the details about Denial of Service defense approaches.

  • Its always important to protect your business. Thanks for this great informative post!