DoS attacks are difficult to stop. Companies with a high-profile Internet presence should plan in advance their responses to potential DoS attacks. Historically, many DoS attacks were sourced from spoofed source addresses. These types of attacks can be thwarted through use of antispoofing access lists on border routers and firewalls. Today, however, many DoS attacks are carried out by distributed networks of real hosts that have been compromised for the purpose of building attack networks. Mitigating a large DoS or DDoS attack typically requires careful diagnostics, planning, and cooperation from Internet service providers (ISP).
Was this article helpful?