
Insight - For Next Generation Multi Services Testing

Answers to your Questions

I heard that customers complained when Telstra's data network slowed to a crawl last year due to two malicious Denial of Service (DoS) attacks. How do Service Providers ensure that their network services are not susceptible to the latest kinds of attacks from hackers?

Here are some techniques you can use to mitigate Denial of Service (DoS) attacks:

  • Use router filters to block or drop malicious packets - for example, packets from unreachable hosts, packets whose source and destination IP addresses are the same, and IP or UDP packets that are incorrectly fragmented.
  • Rate limit ICMP traffic on customer access connections and at peering points to reduce the impact of DoS attacks that make use of ICMP messages such as "Ping".
  • Use router access lists, traffic engineering capabilities, or network management tools to block, limit, or simply detect suspicious traffic originating from specific hosts or subnetworks that are known to be sources of offending traffic.
  • Use a low-priority queue for TCP SYN traffic originating from the target of a SYN Flood (TCP SYN) attack.
  • Provide your network operations staff with automated tools that can quickly block malicious traffic from a particular network ingress point once it is detected.
  • Disable specific router or router protocol features that have known security holes.
  • Upgrade your router software to the latest release, or look for an appropriate patch from your router vendor.
  • Use your router's proprietary reporting mechanisms to detect attacks.
  • See router vendor web sites for detailed instructions about how to configure their routers to mitigate DoS attacks.
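The filter and ICMP rate-limit rules in the list above amount to a per-packet decision, shown here in Python. This is an added example, not code from the original article or from any router vendor; the function names, the 2 packets/s ICMP limit and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
import struct

ICMP = 1  # IPv4 protocol number for ICMP

class TokenBucket:
    """Allow `rate` packets per second with bursts of up to `burst`."""
    def __init__(self, rate, burst):
        self.rate, self.burst, self.tokens, self.last = rate, burst, float(burst), 0.0

    def allow(self, now):
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        allowed = self.tokens >= 1.0
        self.tokens -= 1.0 if allowed else 0.0
        return allowed

def classify(pkt, now, icmp_bucket):
    """Return 'forward' or a drop reason for one raw IPv4 packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "drop:malformed"
    ihl = (pkt[0] & 0x0F) * 4
    total_len, _ident, frag, _ttl, proto = struct.unpack("!HHHBB", pkt[2:10])
    if ihl < 20 or total_len < ihl or total_len > len(pkt):
        return "drop:malformed"
    if pkt[12:16] == pkt[16:20]:                  # source equals destination
        return "drop:src-equals-dst"
    offset, payload = (frag & 0x1FFF) * 8, total_len - ihl
    # Non-final fragments carry a multiple of 8 bytes; reassembly must fit 65535.
    if (frag & 0x2000 and payload % 8) or offset + total_len > 65535:
        return "drop:bad-fragment"
    if proto == ICMP and not icmp_bucket.allow(now):
        return "drop:icmp-rate-limit"
    return "forward"

def make_packet(src, dst, proto, payload_len, frag=0):
    """Constructed test packet: 20-byte IPv4 header (checksum 0) + zero payload."""
    a, b = (ipaddress.IPv4Address(x).packed for x in (src, dst))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 1, frag,
                       64, proto, 0, a, b) + bytes(payload_len)

def demo():
    bucket = TokenBucket(rate=2, burst=2)  # assumed policy: 2 ICMP packets/s
    h, t = "192.0.2.10", "198.51.100.5"    # documentation-range addresses
    samples = [(0.0, make_packet(h, t, 6, 20)),            # ordinary TCP
               (0.0, make_packet(t, t, 6, 20)),            # src == dst
               (0.0, make_packet(h, t, 17, 13, 0x2000)),   # MF set, 13-byte payload
               (0.0, make_packet(h, t, 1, 8, 0x1FFF))]     # offset beyond 65535
    samples += [(ts, make_packet(h, t, 1, 8)) for ts in (0.0, 0.0, 0.0, 1.0)]
    return [classify(p, ts, bucket) for ts, p in samples]
```

Calling `demo()` returns one verdict per constructed packet; the third ICMP packet in the same instant is dropped by the rate limit, and the one arriving a second later is forwarded again.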

You can also simulate DoS attacks in your lab using a single out-of-service router to determine your network's susceptibility to DoS attacks and to measure the performance degradation during such attacks. Once you have used the techniques mentioned above to mitigate attacks and tune performance, you should verify the improved resilience and performance of the router under test by simulating attacks such as the following:


