DDoS Attack for Distributed Microservices

A Distributed Denial-of-Service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers and other networked resources such as IoT devices.

 DDoS attacks are carried out with networks of Internet-connected machines.

These networks consist of computers and other devices (such as IoT devices) which have been infected with malware, allowing them to be controlled remotely by an attacker. These individual devices are referred to as bots (or zombies), and a group of bots is called a botnet. Once a botnet has been established, the attacker is able to direct an attack by sending remote instructions to each bot. When a victim’s server or network is targeted by the botnet, each bot sends requests to the target’s IP address, potentially causing the server or network to become overwhelmed, resulting in a denial-of-service to normal traffic. Because each bot is a authorized Internet device, separating the attack traffic from normal traffic can be difficult.

To identify our system is DDoS attacked; the most obvious symptom of a DDoS attack is a site or service suddenly becoming slow or unavailable. But since a number of causes; such a sudden spike in traffic that can create performance issues, further investigation is usually required. 

The key concern in mitigating a DDoS attack is differentiating between attack traffic and normal traffic.

There are few ways to tackle the DDoS attack;

Blackhole Route -: One solution available to virtually all network admins is to create a blackhole route and funnel traffic into that route. In its simplest form, when blackhole filtering is implemented without specific restriction criteria, both legitimate and malicious network traffic is routed to a null route, or blackhole, and dropped from the network.

Limiting -: Limiting the number of requests a server will accept over a certain time window is also a way of mitigating denial-of-service attacks.While rate limiting is useful in slowing web scrapers from stealing content and for mitigating brute force login attempts, it alone will likely be insufficient to handle a complex DDoS attack effectively.

Web Application Firewall (WAF) -: A WAF is a tool that can assist in mitigating a layer 7 DDoS attack. By putting a WAF between the Internet and an origin server, the WAF may act as a reverse proxy, protecting the targeted server from certain types of malicious traffic.By filtering requests based on a series of rules used to identify DDoS tools, layer 7 attacks can be impeded.

Anycast network Diffusion -: This mitigation approach uses an Anycast network to scatter the attack traffic across a network of distributed servers to the point where the traffic is absorbed by the network. Like channeling a rushing river down separate smaller channels, this approach spreads the impact of the distributed attack traffic to the point where it becomes manageable, diffusing any disruptive capability.


Comments

Post a Comment

Popular posts from this blog

Interview Questions to Ask the Employer

It's your turn! As the interview comes to a close, one of the final questions you may be asked is "What can I answer for you?" Have interview questions of your own ready to ask. You aren't simply trying to get this job - you are also interviewing the employer to assess whether this company and the position are a good fit for you. Here are questions to ask the interviewer so you can ensure the company is a good match for your qualifications and interests. How would you describe the responsibilities of the position? How would you describe a typical week/day in this position? Is this a new position? If not, what did the previous employee go on to do? What is the company's management style? Who does this position report to? If I am offered the position, can I meet him/her? How many people work in this office/department? How much travel is expected? Is relocation a possibility? What is the typical work week? Is overtime expected? What are the prospects for growth and a...
Read more

Place .NET DLL in GAC

Today other team guy has asked me help as he was facing some problem in trying to place a .NET DLL in GAC where he does not have source code with him. Potentially you just have to follow regular steps as mentioned below to place the DLL in GAC; 1. Generating the public key: Go to visualStudio.Net command prompt and type the following command: sn -k keyfile1.snk Here keyfile1.snk is the keyfile we are generating. You can store this key file in the bin folder of the assembly. In order to do this u have to go to the bin folder. For example: C:\foldername\assemblyname\bin sn-k keyfile1.snk By doing this the keyfile is stored in the bin folder. 2. Than place the keyfile into the Assembly. Go to AssemblyInfo.cs file: [assembly: AssemblyKeyFile("C:\foldername\assemblyname\keyfile1.snk")] 3. Then build the Assembly. 4. Placing the assembly into GAC This process is fine when you have source code with you. What if you don't have the source code with you and you need to put it to t...
Read more

Windows Communication Foundation - FAQ

Image
Difference between Web Service and WCF? Major Difference is That Web Services Use XmlSerializer But WCF Uses DataContractSerializer which is better in Performance as Compared to XmlSerializer. Key issues with XmlSerializer to serialize .NET types to XML Only Public fields or Properties of .NET types can be translated into XML. Only the classes which implement IEnumerable interface. Classes that implement the IDictionary interface, such as Hash table can not be serialized. The DataContractAttribute can be applied to the class or a strcture. DataMemberAttribute can be applied to field or a property and theses fields or properties can be either public or private. Web Services : 1.It Can be accessed only over HTTP 2.It works in stateless environment WCF : WCF is flexible because its services can be hosted in different types of applications. The following lists several common scenarios for hosting WCF services; IIS WAS Self-hosting Managed Windows Service Important difference ...
Read more