Some DoS attacks can be avoided by applying vendor patches to the software that has been compromised. Another way to deal with DoS attacks in the case of an attack coming from a number of known IP addresses is to put up a rule to drop all incoming traffic from those known attackers. Yet another way to deal with these types of attacks is to set up packet filters. This will act as a proxy for connections. Once the handshake is validated it will be forwarded to the correct destination instead of just forwarding the packet to the destination. TCP SYN flooding attack effects can be reduced or removed by limiting the number of TCP connections a system accepts and by shortening the amount of time a connection stays partially open. This is done by limiting the number of TCP connections made at the entry and exit points of the network structures. (Kaeo, 2004) Recently there has been a variation of a DoS attack that has caused further problems. This is known as Distributed Denial of Service attack. How this is accomplished is a number of computers are used to launch a DoS attack. The thought is that these attacks come from the external internet. One of the best ways to mitigate this is to set up a firewall between the internet and the trusted network of the corporation. The first step one should take to eliminate this type of attack it to find out precisely what type of attack it is. You want to filter these attacks by creating an access control list; this will permit or deny traffic. One other way to deal with this is rate limiting. What this will do is limit the quantity of traffic being sent or received through the network. (Kaeo, 2004) Another threat is IP Spoofing. This is accomplished by providing fabricated information about a person’s or host’s identity to obtain unauthorized access to a system. By enabling packet filters at the entry and exit points of your networks you can best guard against spoofing. The external entry point filters should...
Please join StudyMode to read the full document