Blog Category

How IoT Devices Are Being Used in DDoS Attacks

Most of us use our Google Homes, smartwatches, security cameras, and other handy gadgets on a daily basis. The Internet has undoubtedly made our lives ten times easier than before. However, the thing that makes these devices so convenient and easy to use is the same thing that makes them most vulnerable to malicious cyberattacks.

What is a reverse proxy?

A reverse proxy is a server that sits in front of the web server, intercepts each client request, and either responds to the client from its cache or forwards the request to the origin server. A reverse proxy is used to protect web servers from DDoS attacks, distribute load among multiple servers, and serve static content from its cache without sending requests to the origin server. No client communicates directly with the origin server, and the server's IP address is not revealed to the public.

DDoS Use Case - How we mitigated a 9Mbps DDoS attack?

One of our sister websites, hosted on a cloud server, was recently hit by a 9Mbps DDoS, and the Apache web server ran out of memory and crashed. The attack lasted more than 2 months with no known reason. We've taken a number of mitigation steps, including installation of mod_security with mod_evasive, APF, BFD, DDoS Deflate and Rootkit and Traffic Control, but none came to the rescue. Use of a Linux-provided WAF will mitigate the DDoS to the extent that CPU, memory and bandwidth allow; in our case, a single CentOS server with 4GB RAM wasn't sufficient to mitigate the DDoS.

Denial of Service (DoS) and DDoS Attacks

A DoS (denial-of-service) attack is an explicit attempt to make a computer resource unavailable by either injecting a computer virus or flooding the network with useless traffic. In simple words, it is similar to thousands of people trying to enter a room through a single entrance, ultimately causing havoc. This not only disturbs the normal operations of the network but also results in poor performance and system breakdown due to overwhelming requests. A large-scale DDoS attack (ranges up to 400 GBps) can affect the internet connectivity of an entire geographical region. There are two types of DoS attacks: computer attacks and network attacks. Common forms of denial-of-service attacks are: