Use monitoring service for early detection of DDOS attacks
4 June 2018


Average losses from DDoS attacks are estimated at around 50 thousand dollars for small organizations and almost 500 thousand dollars for large enterprises. Eliminating the consequences of a DDoS attack also requires additional employee time and diverts resources from other projects in order to ensure security, develop a software update plan, upgrade equipment, and so on.

A notable trend in DDoS attacks is the expansion of the "list of victims", which now includes representatives of virtually all sectors. Attack methods are also improving. According to Nexusguard, at the end of 2016 there was a significant increase in the number of mixed-type DDoS attacks, which exploit several vulnerabilities at once. Financial and state organizations were targeted most often. The main motive of cybercriminals (70% of cases) is the theft of data, or the threat of destroying it, in order to extort a ransom. Political or social goals are less common. That is why a defense strategy is important: it lets you prepare for an attack, minimize its consequences, and reduce financial and reputational risks.

How to monitor DDoS attacks?
You can use a program that filters incoming requests and provides the necessary level of security for the site. It is also possible to monitor the resources of the server infrastructure serving the site, and such monitoring lets you find out quickly about possible problems with the site.
Alarms can be especially effective when they are used to adjust an existing DDoS protection solution so that it filters requests more strictly in the event of an attack. For example, if the response time from the site hosting increases significantly, additional mechanisms that block malicious requests are switched on.

The following network infrastructure parameters can be used for monitoring and signaling:
- Amount and % of active use of the network connection channel to the server (hosting).
- Status of IT security systems and critical resources (for example, % CPU, Load Average or % wait).
- Known information about the structure of the attack: attacking subnets, the channel used, the type of attack.
- Effectiveness or ineffectiveness of the current means of protection (signatures, user verification, blocking).
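The alarm logic described above can be sketched as follows. This is an added example, not code from the original article: the class name, the signal names, the thresholds (3x the median response time, 80% channel use, load average 8) and the sample values are all assumptions constructed for illustration.

```python
from collections import deque
from statistics import median

class DDoSAlarm:
    """Switch stricter filtering on when monitored metrics leave their baseline."""
    def __init__(self, window=5, rt_factor=3.0, link_pct=80.0, load_max=8.0,
                 trip_after=2, clear_after=3):
        self.baseline = deque(maxlen=window)  # recent clean response times (ms)
        self.rt_factor = rt_factor            # assumed "significant increase" factor
        self.link_pct = link_pct              # assumed ceiling for % of channel in use
        self.load_max = load_max              # assumed ceiling for load average
        self.trip_after = trip_after          # consecutive bad samples before escalating
        self.clear_after = clear_after        # consecutive good samples before relaxing
        self.bad = self.good = 0
        self.strict = False                   # True = stricter request filtering is on

    def breaches(self, s):
        """Return the names of the signals that exceed their threshold."""
        out = []
        full = len(self.baseline) == self.baseline.maxlen
        if full and s["rt_ms"] > self.rt_factor * median(self.baseline):
            out.append("response_time")
        if s["link_pct"] > self.link_pct:
            out.append("link_utilization")
        if s["load_avg"] > self.load_max:
            out.append("load_average")
        return out

    def observe(self, s):
        hit = self.breaches(s)
        if hit:
            self.bad, self.good = self.bad + 1, 0
            if self.bad >= self.trip_after:   # ignore one-off spikes
                self.strict = True
        else:
            self.good, self.bad = self.good + 1, 0
            self.baseline.append(s["rt_ms"])  # learn only from clean samples
            if self.good >= self.clear_after:
                self.strict = False
        return self.strict, hit

# Constructed samples: (response time in ms, % of channel in use, load average)
SAMPLES = [(120, 20, 0.8), (130, 22, 0.9), (125, 21, 0.7), (118, 25, 1.0),
           (122, 23, 0.9), (900, 60, 3.0), (124, 24, 0.9), (1500, 92, 9.5),
           (1800, 95, 11.0), (130, 30, 1.2), (126, 25, 1.0), (121, 22, 0.9)]

def run(samples=SAMPLES):
    alarm = DDoSAlarm()
    return [alarm.observe(dict(rt_ms=r, link_pct=l, load_avg=c)) for r, l, c in samples]
```

The baseline is updated only from clean samples, so a long attack cannot raise the "normal" response time and silence the alarm, and the two counters keep a single slow request from toggling the stricter filtering on and off.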


