Defending Against DDoS Attacks

By Holly Gilbert

CloudFlare classifies different DDoS attacks into three groups based on the nature of the attack. They are labeled layer 3, layer 4, and layer 7 attacks.

“What a layer 3 attack does is it sends so much traffic to one of those ports that it’s more than the port can physically handle. And so if you’re a business and your Web site is connected with a 1-gigabit connection to the Internet, if someone sends you 1.1 gigabits of traffic or 2 gigabits of traffic, then you’re offline,” says Prince.

Layer 4 attacks “go for a high volume of very small packets,” Prince says. “And so they typically aren’t enough to overwhelm a port, but they hit the operating system, and the operating system has to acknowledge every single one of these requests [which can create] bottlenecks that keep the legitimate requests from coming through.”

Layer 7 attacks consume the server’s resources by forcing the application to hold open the connection. “If you open 100,000 connections, and you hold them all open and then just trickle a little data across each of them…you overwhelm the total number of connections that the Web server can actually accommodate,” Prince says.
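The layer 7 pattern described above can be spotted from the server side by looking for clients that hold many old, unfinished requests with almost no data arriving. The following Python sketch is an added example, not code from the article or from CloudFlare; the `Conn` record, the function names, the thresholds and the sample addresses are all assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass
class Conn:
    client: str             # source address (constructed sample values below)
    opened_at: float        # time the connection was accepted, in seconds
    bytes_received: int     # request bytes seen so far
    request_complete: bool  # True once a full request has been parsed

def find_slow_holders(conns, now, max_conns,
                      min_age=30.0, min_rate=50.0, share=0.10):
    """Return {client: held_count} for clients whose old, incomplete,
    trickling connections exceed `share` of the server's connection slots.
    Thresholds are assumed values; min_age must be > 0."""
    held = defaultdict(int)
    for c in conns:
        age = now - c.opened_at
        # Finished requests and young connections are not suspicious yet.
        if c.request_complete or age < min_age:
            continue
        # A large upload is slow to finish but has a healthy byte rate.
        if c.bytes_received / age < min_rate:
            held[c.client] += 1
    limit = share * max_conns
    return {client: n for client, n in held.items() if n > limit}

def sample_table():
    """Constructed connection table: one client trickling on 40 sockets,
    plus three ordinary connections."""
    conns = [Conn("198.51.100.7", float(i % 5), 200, False) for i in range(40)]
    conns += [
        Conn("203.0.113.20", 95.0, 800, True),       # completed request
        Conn("203.0.113.21", 99.0, 120, False),      # just opened
        Conn("203.0.113.22", 10.0, 900_000, False),  # long but fast upload
    ]
    return conns

if __name__ == "__main__":
    # With 256 slots, 40 held connections is above the 10% share.
    print(find_slow_holders(sample_table(), now=100.0, max_conns=256))
```

Measuring the held connections against the server's connection limit, rather than against bandwidth, matches the point of the quote: the exhausted resource is the number of connections the Web server can accommodate.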

Implementing the solution is easy. “We don’t ask any of our customers to change anything about their existing infrastructure. So you don’t have to install any hardware, and you don’t have to install any software, because hardware and software are things that fail when you’re under these types of attacks,” says Prince. “Instead, we sit at the edge of the network and are in front of all these [spoof] requests.”

Prince says that the company has Web site customers of all sizes, ranging from personal blogs to Fortune 500 companies’ sites. Some customers are being proactive when they seek the service, but some have called to sign up for CloudFlare while under a DDoS attack. “When you sign up, it will instantly stop that attack, and then the site immediately comes right back online,” he says, noting that this method is “almost always” successful.

CloudFlare offers four plans, including a free plan that gives customers basic DDoS mitigation protection. As end users move up the pay scale, they can receive customized packages and a guarantee that their Web site is “always up,” or available to those wishing to access it. The most expensive plan, the Enterprise package, offers advanced DDoS mitigation services; it starts out at $3,000 per month and includes 24/7 phone support service and a certified account manager.


