[Owasp-singapore] What are the "best" solutions to protect against DDOS?

Wong Onn Chee ocwong at usa.net
Tue Jul 14 11:10:57 EDT 2009


Given the recent media hype about the DDOS attacks against South Korea
and US, I will like to tap on the best brains in Singapore in a
discussion on the following areas:

1) How best to detect DDOS.

For e.g., is connection rate the best measure? How about measuring
latency of server responses and etc?


2) What are your favourite means to protect against DDOS?

For e.g. move to Akamai? Using Javascript injection/reply to validate
that it is a real browser, not a bot, which is sending the connection
requests? Move to cloud computing and etc?


3) How can the public, non-IT and non-IS trained, do to prevent their
Internet-connected terminals from becoming an unintentional DDOS attack
node?


If the outcome is of an acceptable quality, we will publish a summary of
our joint discussion to share with all our members.
At the same time, on behalf of OWASP/SSMG, I will send a copy to my good
friends in the policymaking bodies.
Hopefully, we can do our small bit to make digital Singapore a safer place.

Any folks interested to join in this initiative?

Regards
Onn Chee




More information about the Owasp-singapore mailing list