Defensive mechnisms against DDoS (Distributed denial of service)

Unanswered Question
Sep 28th, 2009

I have identified the following mechanisms to prevent and detect DDoS attacks. I would appreciate any additions or corrections on the subject. Furthermore, Can you direct me to any other best practices to detect and mitigate DDoS attacks.

Anti-spoofing mechanisms

• Blockage du dark space

• DHCP Snooping

• ARP inspection

• IP source Guard

• Unicast Reverse path forwarding URPF

• ACL

Managing resource saturation

• QoS

• Rate-limit

• Port security

Control plane and management plane

• Control plane policing CoPP

• Built-in CPU rate limits

• Selective packet discard

• Routing protocol and ARP policing mechanisms

• Traffic storm control

• Directed broadcast

• Cisco express forwarding

DDoS detection

• Netflow

• SNMP

• VACL

Server side protection

• SYNcookie

• Load balancing

• Reverse proxy

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion