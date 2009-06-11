Q

How to prevent DoS attacks in the enterprise

by
Mike Chapple
University of Notre Dame

It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares pointers on how to prevent DoS attacks.

Is it possible to prevent denial-of-service (DoS) attacks from affecting an enterprise network? If so, what are the best strategies for DoS attack prevention?

In short: no. There is no way to completely defend the network from denial-of-service attacks, especially with the prevalence of botnet-driven distributed denial-of-service (DDoS) attacks on the internet today. It's extremely difficult to differentiate between a malicious request and a legitimate request because they often use the same protocols/ports, and they may resemble each other in content.

However, there are some steps you can take to reduce the risk of DoS attacks, such as the following:

  • Purchase a lot of bandwidth. This may be the easiest solution, but it is also the most expensive. If an enterprise has tons of bandwidth, it makes perpetrating a DoS attack much more difficult, as it's more bandwidth that an attacker has to clog.
  • Use DoS attack identification and detection techniques to help differentiate between legitimate and malicious traffic. The first step in reducing the damage of a DoS attack is to reliably identify when an attack is under way; this can be done using activity profiling, which measures average traffic rates and flags significant increases in traffic. Being able to detect a DoS attack can also help organizations determine which kind of attack is under way, such as a DDoS attack or a domain name system amplification attack.
  • Prepare for DoS response. The use of throttling and rate-limiting technologies can reduce the effects of a DoS attack. One such response mode stops all new inbound connections in the event of a DoS attack, allowing established connections and new outbound connections to continue.
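
An added example (not from the original article) of the activity profiling described above: it keeps a moving-average baseline of bytes per interval, flags intervals far above it, and gives each flagged interval a rough label. The smoothing weight, threshold, label cut-offs, record layout and the documentation-range addresses in the sample are all assumptions.

```python
# Added example: activity profiling over constructed flow records.
ALPHA = 0.2      # EWMA weight for the baseline (assumed value)
THRESHOLD = 3.0  # flag an interval above 3x the baseline (assumed value)
WARMUP = 3       # intervals used only to learn the baseline

def classify(records, total):
    """Rough label for a flagged interval; the cut-offs are assumptions."""
    sources = {src for src, _, _, _ in records}
    # DNS responses arrive from UDP source port 53.
    dns = sum(size for _, proto, sport, size in records
              if proto == "udp" and sport == 53)
    if dns > 0.5 * total:
        return "dns-amplification-like"
    return "distributed" if len(sources) >= 10 else "single-source"

def profile(intervals):
    """Return (index, bytes, baseline, label) for each flagged interval."""
    baseline, alerts = None, []
    for i, records in enumerate(intervals):
        total = sum(size for _, _, _, size in records)
        if baseline is None:
            baseline = float(total)
            continue
        if i >= WARMUP and total > THRESHOLD * baseline:
            alerts.append((i, total, round(baseline), classify(records, total)))
            continue  # keep attack traffic out of the baseline
        baseline = ALPHA * total + (1 - ALPHA) * baseline
    return alerts

def normal(clients=5):
    return [(f"198.51.100.{k}", "tcp", 40000 + k, 1000) for k in range(clients)]

# Constructed sample: one list of (src_ip, proto, src_port, bytes) per interval.
SAMPLE = [
    normal(), normal(6), normal(4), normal(),
    [(f"203.0.113.{k}", "udp", 53, 3000) for k in range(40)],
    normal(),
    [(f"192.0.2.{k}", "tcp", 50000 + k, 600) for k in range(60)],
    normal(),
]

if __name__ == "__main__":
    for alert in profile(SAMPLE):
        print(alert)
```

Flagged intervals are deliberately left out of the baseline update, so a sustained flood does not gradually become the new "normal" and silence later alerts.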


Preventing DoS attacks is more art than science, requiring a combination of techniques to limit the impact of such an attack on an organization. Good luck!


This was last published in December 2016


2 comments


How has your organization prevented denial-of-service attacks?
I recently had a CISSP-qualified person tell me that a DoS attack could hack through our WiFi router to gain access to our WiFi network, even though I have a 13-digit password to gain access to the router, and I have all nine (9) devices' MAC addresses listed in the MAC Allowed Wireless Authentication List in the router BIOS, as well as the three hard-wired devices' MAC addresses. I don't understand how a DoS can somehow overwhelm our router to get through its firewall (set on High setting) and the other passwords (router admin P/W and SSID P/W) and MAC List to gain access to our network. Can a DoS attack alone somehow crash through the router the way I have it set up to gain access to the network?