Tips to fight the Botnets
Botnets are another nasty that will try to attack your network. Here are some suggestions to fight them.
“Botnet DDos attacks have now passed the 40 GBPS barrier”. This is according to Arbor networks of America. On Average there are now 1.9 million Bots per BOTNET which is a frightening statistic, especially when you consider the BOTNET attacks are some of the hardest to combat against.
So just what is a BOTNET attack? well to put it simply, think of a botnet as an army that is marching on your network. Your own defensive army cannot withstand the attack because they are being outnumbered and because of this, your network is brought to a standstill. BOTNET attacks can be small or large, it can bring down a server or bring down your entire network, it just depends on the person who is setting up the attack.
Often BOTNET attacks are for monetary gain. You could be threatened with a BOTNET attack and asked pay a ransom, and unless you pay the money your network will be taken down.
So what can you do if you get hit by a BOTNET attack? It really depends on the type of attack you on the end of to be honest. Here are some tips to avoid a full on DOTNET attack.
ISP protection.
Your ISP can protect you from BOTNET attacks through a cloud; basically your traffic can be policed while passing through the cloud. The cloud cleans your traffic before allowing it to your internet pipe.
RFC3704 Filtering.
A popular choice. Basic ASL filters that insist that internet packets should come from a valid allocated address space. Basically if the traffic is coming from an unallocated ip address then it won’t get through.
Black Hole Filtering.
A very efficient technique. Black hole filtering is done in conjunction with your ISP. Black hole filtering is a way of dropping nasty traffic before it hits your network.
Cisco IPS 7.0 Source IP Reputation Filtering
Cisco IPS 7.0 contains a new security capability called Cisco Global Correlation. This is an incredible piece of engineering that works. The Cisco IPS will receive a threat update from the Sensorbase network which contains the latest news of threats on the internet. This information is used to filter out potential attacks before they hit your network .
If you want to know more about BOTNET attacks then please visit Our It Department, an IT Support London based company. Thank you for taking the time to read this article.
