DDOS attacks and Windows 2003 Servers

I’ve come across many postings on forums where admins are talking about being hit by DDOS attacks and the servers going down. I’ve been replying to those threads, but I think it’s time for me to discuss it at length here.

Basically, DDOS stands for Distributed Denial of Service: an attack targeted at a computer, server or device to make it unavailable on the network. A large volume of malicious traffic is directed at a server or a service, saturating the bandwidth or network. Here are some steps Windows administrators can take to prevent or fight it:

– Keep your servers/computers updated with the latest patches, service packs and updates.
– Harden the TCP/IP stack. Here is an article from Microsoft which talks about it: http://support.microsoft.com/default.aspx/kb/324270
– Check with your Data Center to find out what infrastructure security is in place. They may have a system in place where the DDoS traffic can be routed through a DDoS Mitigation Service. This filters out the attack traffic and allows the legitimate traffic to continue to its original destination.
– If the budget permits, get a good hardware firewall installed in your infrastructure network. If not, you can also go for a software-based firewall which can filter packets. In the worst case, at least have your Windows Basic Firewall configured.
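
One way to verify the TCP/IP hardening step on a server is a read-only audit of the relevant registry values. The PowerShell script below is an added example, not code from this post or from Microsoft. The value names are ones the hardening article discusses; the expected numbers are assumptions of this example and should be confirmed against the article before relying on them.

```powershell
# Added example: read-only audit, nothing is written to the registry.
# Expected numbers are assumptions of this example; confirm them against KB 324270.
$tcpip = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$netbt = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netbt\Parameters'
$baseline = @(
    @{ Path = $tcpip; Name = 'SynAttackProtect';      Expected = 1 },
    @{ Path = $tcpip; Name = 'EnableDeadGWDetect';    Expected = 0 },
    @{ Path = $tcpip; Name = 'EnablePMTUDiscovery';   Expected = 0 },
    @{ Path = $tcpip; Name = 'KeepAliveTime';         Expected = 300000 },
    @{ Path = $netbt; Name = 'NoNameReleaseOnDemand'; Expected = 1 }
)

function Test-HardeningValue {
    param([hashtable]$Item)
    $name   = $Item.Name
    $actual = $null
    # A missing key or value is reported, not treated as a script failure.
    $props  = Get-ItemProperty -Path $Item.Path -Name $name -ErrorAction SilentlyContinue
    if ($props) { $actual = $props.$name }

    if ($null -eq $actual)              { $status = 'NOT SET (OS default applies)' }
    elseif ($actual -eq $Item.Expected) { $status = 'OK' }
    else                                { $status = 'DIFFERS' }

    New-Object PSObject -Property @{
        Name = $name; Expected = $Item.Expected; Actual = $actual; Status = $status
    }
}

$results = $baseline | ForEach-Object { Test-HardeningValue $_ }
$results | Select-Object Name, Expected, Actual, Status | Format-Table -AutoSize

# Non-zero exit code lets a scheduled task or monitoring agent flag drift.
$bad = @($results | Where-Object { $_.Status -ne 'OK' })
if ($bad.Count -gt 0) { exit 1 }
```

Save it as a script file and run it from an elevated prompt; because of the final `exit`, pasting it into an interactive session would close that session when any value differs.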

