DDoS Playbook
DDoS Attack Playbook:
1) Identify the attack
- Monitor network traffic for unusual activity or spikes in traffic.
- Take note of unusually slow services.
- Check traffic logs/firewall logs to identify malicious traffic.
2) Notify your ISP
- Your ISP may be able to help by filtering out the malicious traffic, or by redirecting it from your network.
3) Determine the attack vectors
- Find the point of compromise that the attacker abused to perform the attack.
- Find what the attacker is trying to achieve and protect any critical or sensitive services of the network.
4) Block the attack
- Try to redirect as much traffic as possible away from important services, and ideally away from the whole network.
- Set firewall rules to try to block some malicious IPs.
- Modify firewall rules to better detect this type of attack for the future.
5) Monitor network traffic
- Both during and after the attack, network traffic should be carefully monitored for suspicious activity.
- Logs should be kept to analyze at a later time.
6) Conduct analysis
- Keep detailed notes of the attack so that afterwards you can look for areas of improvement.
- Provide training based on areas that can be improved.
- Audit logs.
- Review security controls and rules.
- Get in contact with all necessary personnel, such as stakeholders and law enforcement.
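
The log check from step 1 and the block-list candidates for step 4, shown as an added example that is not part of the original post. The log line format, the thresholds, and the function names are assumptions, and the sample log is constructed.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime
from statistics import median

# Assumed (hypothetical) firewall log format: "<ISO time> SRC=<ip> DPT=<port>"
LINE_RE = re.compile(r"^(\S+) SRC=(\d+\.\d+\.\d+\.\d+) DPT=(\d+)$")

def build_sample_log():
    """Constructed sample: five quiet minutes, then a flood in minute 10:05."""
    lines = []
    for minute in range(5):
        for i in range(10):
            lines.append(f"2024-01-01T10:{minute:02d}:{i:02d} SRC=192.0.2.{i + 1} DPT=443")
    for i in range(200):  # flood traffic from two sources
        src = "203.0.113.7" if i % 2 else "203.0.113.9"
        lines.append(f"2024-01-01T10:05:{i % 60:02d} SRC={src} DPT=443")
    for i in range(10):  # normal clients are still present during the flood
        lines.append(f"2024-01-01T10:05:{i:02d} SRC=192.0.2.{i + 1} DPT=443")
    lines.append("garbage line that must be skipped")
    return lines

def analyze(lines, spike_factor=5, per_source_limit=50):
    """Return (spike minutes, source IPs to consider blocking)."""
    per_minute = Counter()              # total requests per minute
    per_source = defaultdict(Counter)   # requests per source within each minute
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed lines are skipped rather than aborting the run
        minute = datetime.fromisoformat(m.group(1)).strftime("%H:%M")
        per_minute[minute] += 1
        per_source[minute][m.group(2)] += 1
    if not per_minute:
        return [], []
    baseline = median(per_minute.values())  # typical per-minute volume
    spikes = sorted(w for w, n in per_minute.items() if n > spike_factor * baseline)
    candidates = sorted({ip for w in spikes
                         for ip, n in per_source[w].items() if n > per_source_limit})
    return spikes, candidates

if __name__ == "__main__":
    spikes, block = analyze(build_sample_log())
    print("spike windows:", spikes)
    print("block candidates:", block)
```

The median baseline only works while most of the logged minutes are normal traffic; for a long-running attack, compare against a baseline saved from before the incident.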