[Owasp-Malaysia] Protecting From DDOS

Sun Sep 12 05:52:16 EDT 2010

Team,

What happen to Malaysia Today (MT) website get my interest to know
more about handling this kind of attacks and what can be by us system
administrator and developers in protecting our websites. Its can
happen to any website.

Im against DDOS that can cripple any websites including government
websites, business and ordinary people. DDOS also shows our computer
users still not updating their operating system to protect from trojan
or DDOS bot. Lack of awareness and knowledge I believe. Im looking
into this DDOS attack of MT in big picture.... If they can attack MT
they also can attack our Internet infra and cripple our country
network. Our banking systems now in question, can they protect
themself?

More info for those who want to know about protecting from DDOS

http://developer.yahoo.com/performance/rules.html

http://www.owasp.org/index.php/Testing_for_Denial_of_Service or google
for OWASP DDOS

At this blog post I also discuss about ways of protecting, may be its
could work ...

http://uppercaise.wordpress.com/2010/09/11/access-to-malaysia-today/

For example the use of CoralCDN network

http://www.coralcdn.org/

CoralCDN service can be use to access non login websites (due to its
proxy like) example to access PMO website

http://www.pmo.gov.my.nyud.net/

more articles about Content Distribution Network (CDN)

http://www.reaper-x.com/2009/10/02/how-to-use-coralcdn-to-save-your-bandwidth-problem-server-resources/

http://devcentral.f5.com/weblogs/macvittie/archive/2010/01/25/how-to-use-coralcdn-on-demand-to-keep-your-site-available.aspx

or using Squid and Nginx

http://serverfault.com/questions/30705/how-to-set-up-nginx-as-a-caching-reverse-proxy

http://wiki.squid-cache.org/SquidFaq/ReverseProxy

Im also looking into solution like

IPF in FreeBSD

and Iptables drop ....

This email post to

OSDC.my Mailing List

http://groups.google.com.my/group/osdcmy-list

OWASP Malaysia Mailing List

https://lists.owasp.org/mailman/listinfo/owasp-Malaysia