How to prevent a denial-of-service (DoS) attack

While it may not be possible to fully eradicate the risk of DoS attacks from an enterprise, there are steps that infosec pros can take to prevent them. In this expert response, Mike Chapple gives pointers on how to prevent DoS attacks.

Is it possible to prevent denial-of-service (DoS) attacks from affecting an enterprise network? If so, how can...

it be done?

In short: no. There's no way to completely protect your network from denial-of-service attacks, especially with the prevalence of distributed denial-of-service (DDoS) attacks on the Internet today. It's extremely difficult to differentiate an attack request from a legitimate request because they often use the same protocols/ports and may resemble each other in content.

However, there are some things you can do to reduce your risk:

  • Purchase a lot of bandwidth. This is not only the easiest solution, but also the most expensive. If you simply have tons of bandwidth, it makes perpetrating a DoS attack much more difficult because it's more bandwidth that an attacker has to clog.
  • Use DoS attack detection technology. Intrusion prevention system and firewall manufacturers now offer DoS protection technologies that include signature detection and connection verification techniques to limit the success of DoS attacks.
  • Prepare for DoS response. The use of throttling and rate-limiting technologies can reduce the effects of a DoS attack. One such response mode stops all new inbound connections in the event of a DoS attack, allowing established connections and new outbound connections to continue.

DoS protection is more art than science, requiring a combination of techniques to limit the impact of such an attack on your organization. Good luck!

More on this topic

This was last published in June 2009

Dig Deeper on Denial of Service (DoS) Attack Prevention-Detection and Analysis



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

I recently had a CISSP qualified person tell me that a DoS attack could hack through our WiFi router to gain access to our WiFi network, even though I have a 13 digit password to gain access to the router, and I have all nine (9) devices MAC addresses listed in the MAC Allowed Wireless Authentication List in the router BIOS, as well as the three hard wired devices MAC addresses. I don't understand how a DoS can somehow overwhelm our router to get through its firewall (set on High setting) and the other passwords (router admin P/W and SSID P/W) and MAC List to gain access to our network. Can a DoS attack alone somehow crash through the router the way I have it setup to gain access to the network?