
Digest: 40 materials on DDoS attacks and how to protect against them

Today we have prepared a selection of 40 materials (from Habr and other resources) on network and cloud security, specifically protection against DDoS attacks. The articles cover both the theoretical side of the issue and effective practical solutions.





About attack types


IaaS provider and security issues
In this material, we talk about how a cloud provider protects itself and its customers from all sorts of threats in the face of growing demands for performance and scalability.

Business cloud services and DDoS protection
We look at the state of DDoS protection in our country. Which organizations offer their products on the Russian market?

DDoS as a current security issue for a business
For those who are not familiar with DDoS attacks, Pentestit has prepared a brief overview of distributed denial-of-service attacks.

Artem Gavrichenkov, Qrator - DDoS attacks [Video lecture]
Artem Gavrichenkov, technical director of Qrator Labs, a company that is one of the world leaders in dealing with DDoS attacks, explains what DDoS attacks are, what forms they take and how to fight them.

What is DDoS: MakeUseOf explains
What a DDoS attack consists of, how it works and what effect it has on the target system. The authors also examine several of the most common types of attacks (with pictures).

What is DDoS: IGN explains
What DDoS attacks are and what impact they have on gaming services.

Types of DDoS Attacks: Infographic
GlobalDots experts have brought together the most common questions related to the types of DDoS attacks into one big infographic.

35 types of DDoS attacks
Another list of varieties of DDoS attacks.

How a DDoS attack in JS works
CloudFlare employees explain how DDoS works in JavaScript and why this type of attack remains one of the main problems on the Internet.

DDoS: How UDP attacks work
This is one of the most common types of DDoS attacks. The author explains how it works and why it is so difficult to defend against.



DDoS protection methods


A little about the types of DDoS attacks and methods of protection
According to research, the scale of DDoS attacks has increased about 50-fold over the past few years. In this material, specialists from VAS Experts look at various types of DDoS attacks and ways to protect against them.

Danger and Security - Virtual Arms Race
The reality is that opposing processes, competition or war are always taking place in the world. The cyber-arms race has been going on for a long time. The author of the article talks about the most high-profile DDoS attacks in the world, as well as the potential and dangers of the Internet of Things in the modern world.

What DDoS protection services don't tell you, or why protection does not work
This article was prompted by a security audit of an Internet project. The author describes a case in which the customer asked for a review of their security system and a check of its reliability. As it turned out, the customer was not protected at all.

Lesser-known solutions for protecting a business's IT infrastructure
The classic approach of Russian business today is to install a firewall and then, after the first attempts at targeted attacks, an intrusion prevention system. In practice, however, any more or less serious threat calls for something extra beyond the classical means.

How to survive DNS DDoS
How do companies continue to function during a massive DDoS attack on a DNS provider? Well, one option is to work with multiple DNS providers.

DDoS looking for power
Many have heard of DNS amplification and NTP amplification attacks. Much has been written about these two types of UDP-based attacks. But what other protocols can be used for amplification? This article discusses the TFTP protocol.

Release of FastNetMon 1.1.2, an open solution for monitoring DoS/DDoS attacks
A complete list of program changes, a list of supported platforms and binary packages (as well as an automatic installer).

How to survive 300 million packets per second
The state of affairs in DDoS mitigation hardware.

How to counter DDoS attacks with NGINX and NGINX Plus
In the summer of 2015, a story appeared on the NGINX project blog about how NGINX can be used to counter DDoS attacks. Here are its highlights.

Using machine learning in protection against DDoS attacks
This post is based on a talk by Konstantin Ignatov of Qrator Labs at the "1C-Bitrix" partner conference. It covers the following questions: how do you know that a DDoS attack on your site has started? How does your security system determine that you are under attack? What are the ways to protect yourself?

DDoS attack bypassing Qrator. How to protect yourself?
There are services that protect us from DDoS attacks. They work as a proxy. All of them strongly recommend hiding your own IP address and publishing only the IP address of the protecting proxy. It is a sound approach, sufficient for successful protection. However, the author describes where things can go wrong and how to protect against it.

Attack on the oracle. Detailed Guide to Oracle DB Attack Vectors
How to probe the weak points of the database from the outside, get in and gain a foothold inside. Plus, how to automate all of this with specialized software.

Fail2ban integration with CSF to counter DDoS on nginx
CSF and Fail2ban work poorly together on the same server because they treat iptables rules differently. In this article, the author solves this problem using Debian Linux v7.XX amd64 as an example, getting the most out of both tools. As an example, protection against DDoS attacks on NGINX is also set up.

How not to "punch" yourself
The greatest threat to applications comes not so much from third parties and external factors, but from the source code itself. Google’s engineers have identified three major mistakes in architectural design, as well as ways to avoid them.

DDoS Protection Guide
How ProtonMail added protection against DDoS.



A little about botnets


Standard passwords helped create a botnet from nearly 400,000 IoT devices
At the beginning of October, the code for the components of the large IoT botnet Mirai was published online. It was reported that the botnet mainly consists of IoT devices, including video cameras and DVRs, and that its total size at the peak reached almost 400,000 devices, with which attackers can carry out extremely powerful DDoS attacks.

The botnet that broke the Internet won't go anywhere
A few more words about the Mirai botnet and why it is so difficult to destroy.

Threat Advisory: Mirai-based botnet
A document containing information about events that occurred before and after the publication of the Mirai code.

How to avoid becoming a bot in Bittorrent DHT and other P2P networks
The Bittorrent DHT network allows you to find torrent sources by hash from magnet links. The network consists of nodes that can be either Bittorrent clients or malicious programs that interfere with the normal operation of the network. The author offers a set of ideas and solutions for writing more efficient and secure clients for P2P networks.

Monopoly on DDoS: Two hackers have created a botnet of 1 million devices based on Mirai
Last year, attacks were launched on large sites like Twitter or Spotify, which temporarily disabled them. The Mirai botnet was used for this. Two hackers managed to take control of the botnet and create a new version of it, which brings together a million devices.

1 million webcams infected with the BASHLITE worm and used for DDoS attacks
News: over a million internet-connected video cameras and DVRs have been compromised and are part of the botnet that its creators use to conduct DDoS attacks.



Miscellanea


How we fulfilled the requirement of Roskomnadzor with benefit for business
A story about how IT-GRAD complied with the RKN requirement for counting filtering nodes while also implementing DDoS protection for clients.

IaaS for business: How Russian business moves to the “cloud”
Today, many companies are deciding to switch to cloud technologies, as they help to solve and optimize many tasks. What cloud technologies have in store for Russian business.

A selection of free tools for developers
An adapted selection of tools (including cloud ones) for developers that help you create truly high-quality projects. It includes solutions for CDN and DDoS protection.

Blow from the past: RIPv1 DDoS attack, or the old routers are dangerous
News: attacks using the outdated routing protocol RIPv1 have been seen again since May 16, 2015, after more than a year of oblivion. They were first recorded by Akamai and, a couple of days later, by DDoS-GUARD.

Linux DDoS Trojan is hidden behind a built-in rootkit
Translation of the article “Linux DDoS Trojan hiding itself with an embedded rootkit” from the blog of the anti-virus company Avast.

UDP for games (encryption and DDoS protection)
This is a chapter from the book Development & Deployment of Multiplayer Online Games. The author explains why you should use encryption when developing online games.

The biggest security threats that await us in 2017
What awaits us in the coming year. The authors at Wired base their predictions on world news.

How a DDoS attack became an act of cyberwar
On the difficulties that cyberwar can bring, and the events of September 12, 2012.

We study the effects of a small DDoS attack
Christopher C. Wells examines the nature of a DDoS attack on one of the work sites. He gives an analysis of the logs with comments.



P.S. We also recommend taking a look at a selection of useful sources on the topic of IaaS, IT infrastructure and cloud technologies.

Source: https://habr.com/ru/post/318538/

