“…new tools–combined with good system and security
administration–will help to limit the damage from these assaults.
… Another suggestion: Distribute a site’s network load to
different ISPs and DNS servers. Yahoo’s site, for example, even
during the worst portions of the storm, never completely failed. In
no small part, that is because Yahoo relies upon a distributed
network architecture provided by Inktomi. If you don’t provide
such architectures for your customers, now is the time to
start.”
“To stop attacks before they start, check server systems for the
DDoS Trojan programs: Trinoo, Tribe Flood Network, TFN2000 and
stacheldraht. These have been found only on Solaris, but experts
say it’s only a matter of time before they’re ported to other
operating systems.”
“With the rise of high-speed DSL and cable-modem Net
connections, even the smallest of customers might become the
launching pad for significant DDoS attacks. For ISPs and CLECs, the
eventual, expensive answer may be to install DDoS blocking
solutions on or near their main routers. In the short run,
installing personal firewalls for smaller customers is a wise
step.”