Distributed Denial of Service Cheat Sheet

Published: 2011-05-20
Last Updated: 2011-05-20 01:19:43 UTC
by Guy Bruneau (Version: 1)
1 comment(s)

The CERT Societe Generale has released another cheat sheet for Distributed Denial of Service (DDoS) freely available here. "This Incident Response Methodology is a cheat sheet dedicated to handlers investigating on a precise security issue." [1]


[1] http://cert.societegenerale.com/resources/files/IRM-4-DDoS.pdf

Previously published cheat sheet:

Worm Infection - http://cert.societegenerale.com/resources/files/IRM-1-Worm-Infection.pdf
Windows Intrusion - http://cert.societegenerale.com/resources/files/IRM-2-Windows-Intrusion.pdf
Unix Intrusion - http://cert.societegenerale.com/resources/files/IRM-3-Unix-Intrusion.pdf

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Keywords: DDoS IRM
1 comment(s)

Comments

might be obvious for most but I miss one critical prep:
distribute your dns servers/infrastructure through several AS! lowering the ttl for easier switching won't do any good if the servers aren't reachable because they depend on the DDoS'ed link(s).

Diary Archives