Can a simple procedure limit a Distributed DoS attack?

Distributed Denial of Service (DDoS) attacks target a server by employing not one but many zombie machines to make requests to the same IP address, every second, for the duration of the attack.

While a distributed attack can overwhelm many reliability measures, every zombie has to keep making its requests to the same IP address to maintain the pressure. If DNS reassigns the IP address, it falls to the botnet to redistribute the relevant IP address. If the botnet attacks a URL instead, then the effect is to hammer the DNS server, not the targeted IP address.

Some combination of “IP renew” and “flushdns” should resolve many distributed attacks, and possibly the less complicated DoS attack as well. A rigorous solution might include renewing the IP address at DNS several times a minute (or second?) for a few minutes, for thoroughness.

It is possible that automatic mirroring measures, implemented to balance bandwidth requirements against demand, would complicate the process, since the mirrors (like the zombies) would need to coordinate IP addressing for the URL.
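The rotation procedure described above can be checked with a small model. This is an added example, not part of the original post: it counts how many requests still reach the live address when the published address changes every few seconds, for clients pinned to the first address and for clients that use the hostname and cache the DNS answer. The addresses, client counts, rotation interval and TTL values are constructed assumptions.

```python
"""Toy model: requests reaching a host whose DNS address is rotated."""

def published_address(t, rotate_every):
    # Constructed addresses from the 192.0.2.0/24 documentation range;
    # each rotation publishes one that has not been used before.
    return f"192.0.2.{10 + t // rotate_every}"

def simulate(duration, rotate_every, ttl, pinned=100, resolving=100):
    """Each client sends one request per second for `duration` seconds.

    pinned    -- clients that learned the address at t=0 and never look again
    resolving -- clients that use the hostname and cache the answer for `ttl`
    Returns counts of requests that reached the live address (hit) or a
    retired one (miss), plus the DNS lookups the resolving clients made.
    """
    stats = {"pinned_hit": 0, "pinned_miss": 0,
             "resolving_hit": 0, "resolving_miss": 0, "dns_queries": 0}
    pinned_addr = published_address(0, rotate_every)
    cached_addr, cache_expires = None, 0
    for t in range(duration):
        live = published_address(t, rotate_every)
        stats["pinned_hit" if pinned_addr == live else "pinned_miss"] += pinned
        if t >= cache_expires:          # cache empty or expired: ask DNS again
            cached_addr, cache_expires = live, t + ttl
            stats["dns_queries"] += resolving
        key = "resolving_hit" if cached_addr == live else "resolving_miss"
        stats[key] += resolving
    return stats

if __name__ == "__main__":
    for ttl in (30, 5):
        print(f"rotate every 10 s, TTL {ttl} s:", simulate(60, 10, ttl))
```

In this model a legitimate visitor's cached answer ages exactly like any other client's, so the record's TTL has to be no longer than the rotation interval for visitors to keep up, and the DNS lookup count rises accordingly.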

About James Johnson

I am an amateur mathematician & political theorist who enjoys (occasionally cerebral) humor.