What is DDoS Protected DNS, and do I need it?

Statistics about Distributed Denial of Service (DDoS) attacks’ growth and frequency around the world are scary. Nobody wants to experience them, but there is no way to deny, anybody can be targeted. 

The time a DDoS attack can last is not a minor issue. Some have lasted a few hours, but others, days. Every hour your business is shut down means losses for you. Plus the cost for fixing the DDoS side effects on your site.

So from now, the answer is yes. If you have an online business, you definitely need protection against DDoS attacks.

What is a DDoS attack?

There are different ways for DDoS attacks to occur. In general, they choose a target (server, computer, or complete network) to overwhelm it through massive amounts of traffic coming from multiple infected sources (worldwide distributed devices).

Daily the number of connected devices to the Internet increases and the scope of such attacks gets multiplied. Think how easy it could be to infect all the insecure wearables and IoT (watches, wristbands, toys, fridges, toasters, home lights, cameras…) for attacking through them. Attack amplification can grow crazily. 

Some common DDoS techniques are:

  • Attacks through volume (floods). The objective is to clutter the target’s bandwidth with crazy loads of traffic. The scale for measuring them is bits per second (Bps). 
  • Attacks via a protocol. Protocols are rules for exchanging data on the Internet. Taking advantage of such rules, hackers can control the system. Through big loads of malicious packets, target protocols (TCP/IP, load balancers, firewalls, etc.) get consumed abnormally fast. The measurement scale used is packets per second (Pps).  
  • Attacks through the application layer. The victim is an edge server running a web app. Detection gets harder since bringing down an app is easier. It requires a more moderate amount of requests (traffic) to drown memory and CPU. They are measure in requests per second (Rps).

What is a DNS amplification attack?

To scale the damage is a clear DDoS objective. To get it, DNS amplification is used. Let’s explain it broadly. 

  1. A target is chosen. 
  2. A fake IP address for the target is forged. 
  3. DNS requests are sent to a DNS server with the forged IP address. More and more requests can be made to different DNS resolvers. 
  4. The target receives a massive response. 
  5. Resources get depleted. 
  6. The target is brought down.

What is DDoS Protected DNS?

The DDoS protected DNS is a robust network with strategically located servers in the world. What servers smartly do is to balance the traffic’s load. To be aware in case of an attack. Once spikes in traffic are detected, servers in the network distribute the load. If the attacker manages to bring down a server, more will still be working for your business, not suffer downtime.

This is extra protection for your business that is not included in basic DNS plans. What providers mostly offer for mitigating DDoS is:

  • 24/7 monitoring. DDoS attacks produce some traceable signs such as rare requests’ patterns, suspicious traffic related to an IP address or similar IPs, uncommon traffic loads, spikes, strange traffic in specific pages of your website, etc.
  • Load balancing. The wider a network is, the easier it is to balance big traffic among servers and guarantee up-time for your business. Prevention is the best choice when it is about online security.
  • Modern software. Efficient DDoS protection should prevent and also be ready to react in case of an event: firewalls, traffic filtering, notifications (alarms), real-time bot detection, and more.

Conclusion

DDoS protected DNS is a convenient investment for businesses looking for constant uptime and security. If you doubt, just think how much risk are you willing to afford for your business?

Leave a Reply

Your email address will not be published.