Problem solve Get help with specific problems with your technologies, process and projects.

Best practices for preventing DNS/DoS attacks

User Parthasarathy Mandayam shares common sense best practices for protecting your system from DNS and DoS attacks.

Many corporate Web sites have suffered from illegal denial-of-service (DoS) attacks more than once. The companies that learn how to turn these experiences to their advantage go a long way to ensuring it doesn't happen again. Sometimes there's nothing like adversity to give you a new look at your surroundings. And the events of a network attack can uncover some very important mistakes and provide you with more than a few lessons. Turning these lessons into best practices is where the rewards of such adversity are realized. You can arrive at these best practices by asking yourself: "How are we vulnerable?" The following best practices are a sample of some of the common conclusions companies have come to following a DoS attack.

Practice 1: Keep an audit trail that describes what was changed and why.

Practice 2: Create interdepartmental Standard Operating Procedures (SOPs) and Emergency Operating Procedures (EOPs).

Practice 3: Understand that success can result in complacency.

Practice 4: Network monitoring isn't enough; your administrators must know your configuration in detail.

Practice 5: Test yourself both locally and over the Internet.

Practice 6: Your processes can harm you just like hackers.

Practice 7: Keep people aware of old configurations and their purpose.

Practice 8: When something is different, ask why.

Practice 9: Know the trade-offs between simplicity, cost and survivability.

Practice 10: Protect yourself against hackers.


Dig Deeper on Enterprise desktop management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.