Professional Documents
Culture Documents
1 of 3
http://www.printfriendly.com/print?url=http://bencane.com/2013/01/14/mitigating-dos-attacks-with-a...
Mitigating DoS Attacks with a null (or Blackhole) Route on Linux A guide
on how to lessen the damage of a DoS attack by using a null route in
Linux Written by Benjamin Cane on 2013/01/14
In a world where the Anonymous group is petitioning the US Government to make DDoS attacks a legal means of protest; For internet
facing systems the threat of Denial of Service attacks are very real.
The cold harsh reality of DoS attacks are that there is no way to stop them. While there are services out there that are designed to take the
brunt of the attack for you these costs a significant amount of money (update:
seems pretty decent). A small firms only choice
when faced with a DoS attack is to simply ride through the attack with the least amount of damage possible.
On a Linux/Unix system you can mitigate the effects of an attack by blocking the communication with the attacking ip addresses. You can
either do this by creating
or via a null route also known as a black-hole route.
5/25/2015 12:25 PM
2 of 3
http://www.printfriendly.com/print?url=http://bencane.com/2013/01/14/mitigating-dos-attacks-with-a...
In less technical terms this means your system will receive data from the attackers but no longer respond to it.
5/25/2015 12:25 PM
3 of 3
http://www.printfriendly.com/print?url=http://bencane.com/2013/01/14/mitigating-dos-attacks-with-a...
5/25/2015 12:25 PM