DDoS attacks are currently the most widespread and one of the most dangerous hacker attack types. DDoS stands for “distributed denial-of-service”, which basically means that your site or the whole server is flooded by a huge number of malicious requests from different sources, so it is very difficult to filter out the legitimate requests. As a result, the server’s hardware, such as CPU and RAM, is overloaded, as is the throughput of the Internet connection, which leads to a dramatic slowdown or even a complete denial of service for real users or clients.
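An added example (not from the original article) of why traffic spread across many sources is hard to filter: over constructed log events, a per-IP rate limit flags nobody, while a check on total load per time window exposes the flood. The thresholds, IP ranges and function names are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from statistics import median

WINDOW = 10        # seconds per counting window (assumed value)
PER_IP_LIMIT = 20  # requests one source may send per window (assumed value)
SPIKE_FACTOR = 10  # a window is anomalous above 10x the median total (assumed value)

def build_sample():
    """Constructed (epoch_second, source_ip) events standing in for parsed access-log lines."""
    events = [(t, f"198.51.100.{t % 5 + 1}") for t in range(70)]  # 5 regular clients
    for t in range(60, 70):                  # distributed flood in the last window:
        for n in range(200):                 # 200 sources, 1 request/second each
            events.append((t, f"203.0.113.{n + 1}"))
    return events

def bucket(events, width=WINDOW):
    """Group events into fixed windows: {window_start: Counter(ip -> requests)}."""
    windows = defaultdict(Counter)
    for ts, ip in events:
        windows[ts - ts % width][ip] += 1
    return windows

def per_source_offenders(events, limit=PER_IP_LIMIT):
    """Classic per-IP rate check: sources exceeding the limit in any window."""
    return {ip for counts in bucket(events).values()
            for ip, n in counts.items() if n > limit}

def flood_windows(events, factor=SPIKE_FACTOR):
    """Aggregate check: windows whose total load far exceeds the median window."""
    totals = {start: sum(c.values()) for start, c in bucket(events).items()}
    baseline = median(totals.values())
    return sorted(start for start, total in totals.items() if total > factor * baseline)

def summarize(events):
    """Per-window (total requests, distinct sources) for triage."""
    return {start: (sum(c.values()), len(c)) for start, c in sorted(bucket(events).items())}

if __name__ == "__main__":
    sample = build_sample()
    print("per-source offenders:", per_source_offenders(sample))
    print("flood windows:", flood_windows(sample))
    print("window summary:", summarize(sample))
```

Each flooding source stays under the per-IP limit, so only the jump in total requests and distinct sources in the last window reveals the attack.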
Most DDoS attacks against a specific victim are thoroughly planned by the hackers and are carried out in a specific order:
There are two general approaches to DDoS attacks: hackers may either attack the hardware infrastructure of the server, or they may target specific programs and/or APIs to make them fail. Attacks on the hardware infrastructure are more widespread, usually have a mass character, and are easier to execute, but they are also easier to detect and protect against, and special software services are very successful in doing this. Attacks on programs/APIs are more unique and need more careful preparation, so in many cases it is necessary to engage security specialists to repel them.
Dozens of specific types of DDoS attacks have been created during the last 30 years. The most infamous of them are the ping flood, smurf attack, twinge attack, Fraggle attack, SYN flood, and many more.
Modern DDoS attacks usually target a specific person, company, or even country. Motives vary, but the most common are unfair competition, blackmail, political or social protests, conflicts of interest, revenge, or even simple vanity. Hackers most often attack the websites of government institutions and services, e-commerce companies, financial institutions, and gaming services. During the last couple of pandemic years, favorite targets have also included video conferencing services, educational resources, online cinemas, media, and entertainment sites.
A successful DDoS attack disrupts the course of operations and damages the reputation of the victim, but the most dangerous threat is the possible leakage of information about customers or employees of the company. Hackers may steal passwords, personal data, and other confidential information, including, in the worst cases, financial, accounting, and technical data.
To protect your business and information against DDoS attacks, you should follow some basic rules and take some security measures:
As the Internet becomes a more and more dangerous place, the number of cloud-based services that specialize in protection against DDoS attacks and various other threats is rapidly increasing. Today, there are more than 30 such services, but we are going to consider only 5 of them, the most popular and effective.
Akamai, founded back in 1998, is the world-leading provider of services for network protection, including protection against DDoS attacks. It has more than 1300 data centers in more than 100 countries with over 10 Tbps of throughput. More than 225 security specialists are ready to help you out with security problems at any time of day or night. The quality of protection is indisputable. The only problem is that Akamai doesn’t reveal pricing for its services. Contracts with each client are signed separately, and monthly payments are defined on the basis of the value of the protected assets, the deployment model (on-demand or always-on service), the selected service model (such as self-service, assisted, or fully managed), and any selected additional options. So, the protection isn’t going to be cheap, and for small websites, it is usually better to look for more affordable options. On the positive side, a 60-day free trial of the Edge DNS component of the DDoS protection service is available for potential clients.
Cloudflare, created in 2009, specializes in protection against DDoS attacks, which is its main line of business. It has one of the largest networks of data centers, situated in 275 cities in more than 100 countries. Cloudflare claims a peak network throughput of a whopping 172 Tbps and promises less than 50 ms latency for more than 95% of Internet users around the world. This service offers solid protection against all kinds of DDoS attacks, but only on its “Business” tariff, which costs $200 per month, and the “Enterprise” tariff with a custom monthly price. Basic protection, though, is available for free, while the $20/month “Pro” tariff already includes a Web Application Firewall, which makes Cloudflare very popular among the owners of small websites. For sure, you’ve encountered its protection tools on some of your favorite websites.
Imperva Incapsula is another popular comprehensive cloud-based security service with strong anti-DDoS capabilities. The Incapsula platform was created in 2009, while its parent company, Imperva, is 7 years older. The service delivers multiple functions, such as DDoS Mitigation, Web Application Firewall (WAF), Application Delivery Control, Content Delivery Network, and Global Server Load-Balancing, and provides multi-level protection for its clients, whose list includes 7 of the 10 top global financial services firms, 6 of the 10 top global telecom providers, and 34% of the members of the Fortune 100. Imperva Incapsula has 50 data centers with 9+ Tbps of throughput around the world, which is not exactly at the level of Akamai and Cloudflare, but it seems that quantity here is exchanged for quality. Unfortunately, Imperva doesn’t publish pricing for its services, but, at least, a free trial is available.
SUCURI is the next cloud-based service, which has provided its product, called Website Security Platform, since 2009. It actually includes an antivirus and a firewall. The service provides standard functions like DDoS protection and a Web application firewall, plus additional features like geo-blocking and blacklisting, detection and removal of malicious code, and protection against zero-day vulnerabilities, unusual bots, and brute force. The security network of the company includes 39 data centers located on all continents except for Antarctica and protects more than 400 thousand clients. Pricing is the strong side of this service. The whole Website Security Platform costs from $200 to $500 per year for 1 website, while the firewall separately costs $10 or $20 per month.
GCore is the youngest company on this list, founded in 2014. It provides a wide range of cloud services, including powerful DDoS protection and a Web application firewall. GCore has more than 140 data centers on 6 continents with a total throughput of 1.5+ Tbps. Unlike the other services in this list, GCore uses intelligent real-time traffic filtering technology, which usually stops a DDoS attack before it even starts. The service provides a wide variety of tariff plans for all kinds of users. Basic DDoS Protection costs €2.6 or €3.9 per month, CDN services including DDoS and vulnerability protection cost from €0 to €100 per month, while complex Web Security packages start from €50 and €140 per month. Custom packages are also available.