Let’s say that some hacktivist group that shall remain Anonymous has decided to
Question
Let’s say that some hacktivist group that shall remain Anonymous has decided to target your organization’s public web server with a denial of service (DoS) attack. The strategy used is an old one – a TCP SYN flood. Hosts from the Internet are making legitimate connection requests to the web server, but they are not completing the TCP handshake. The web server keeps the port open and the resources allocated to answer the handshake until the handshake times out, which takes several seconds. This quickly exhausts one particular resource of the web server – the number of TCP connections that it can keep open at one time. Legitimate users cannot access the web server. Without expanding the web server’s resources, what are some strategies that you could implement to frustrate the attackers? Describe at least two host-based and two network-based strategies.
Explanation / Answer
Host-based intrusion detection systems (IDSes): the host or endpoint includes servers, mobile devices and the like. They are one of the last layers of defense, and they are the best security controls because they are fine-tuned to the specific workstation.
A network-based one often sits on the ingress and egress of the network to monitor what's coming and going. It may not provide enough granular protection to keep everything in check, especially with SSL. They're challenging for IT and security staff to configure properly without creating bottlenecks or negatively impacting network traffic, and it can be frustrating if they're set up in a way that prevents the user from getting his or her work done. Furthermore, the last thing that users want to deal with is a bunch of annoying pop-up windows asking if it's okay to allow unknown traffic to communicate to and from the computer.
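To make the resource exhaustion in the question concrete, the following added example (not part of the original question or answer) replays a constructed event trace through a model of the server's half-open connection table, the way a host-based detector might, and reports when the table nears capacity and how many connection requests are refused. The backlog size, timeout, alert threshold and all addresses are assumptions chosen for illustration.

```python
# Assumed values for illustration, not taken from the page.
BACKLOG = 8          # max half-open connections the server can hold
TIMEOUT = 5.0        # seconds before an unanswered handshake is dropped
ALERT_RATIO = 0.75   # alert when the backlog is this full

def analyse(events, backlog=BACKLOG, timeout=TIMEOUT, alert_ratio=ALERT_RATIO):
    """Replay (time, src, port, kind) events; kind is 'SYN' or 'ACK'.

    Returns the first alert time (or None), the number of SYNs refused
    because the backlog was full, completed handshakes and peak occupancy.
    """
    half_open = {}   # (src, port) -> time the SYN arrived
    result = {"alert_at": None, "refused": 0, "completed": 0, "peak": 0}
    for t, src, port, kind in events:
        # Expire entries whose handshake timed out.
        for key in [k for k, t0 in half_open.items() if t - t0 >= timeout]:
            del half_open[key]
        key = (src, port)
        if kind == "SYN":
            if key in half_open:
                continue                      # retransmitted SYN
            if len(half_open) >= backlog:
                result["refused"] += 1        # legitimate or not, it is dropped
                continue
            half_open[key] = t
        elif kind == "ACK" and key in half_open:
            del half_open[key]                # handshake completed
            result["completed"] += 1
        result["peak"] = max(result["peak"], len(half_open))
        if result["alert_at"] is None and len(half_open) >= alert_ratio * backlog:
            result["alert_at"] = t
    return result

def constructed_trace():
    """Constructed sample: one client completes, then 12 SYNs never do,
    then the same client retries during and after the flood."""
    ev = [(0.0, "198.51.100.7", 40000, "SYN"), (0.1, "198.51.100.7", 40000, "ACK")]
    ev += [(1.0 + i * 0.1, f"203.0.113.{i + 1}", 50000 + i, "SYN") for i in range(12)]
    ev += [(2.5, "198.51.100.7", 40001, "SYN")]                  # during the flood
    ev += [(9.0, "198.51.100.7", 40002, "SYN"), (9.1, "198.51.100.7", 40002, "ACK")]
    return ev

if __name__ == "__main__":
    print(analyse(constructed_trace()))
```

The legitimate client's request at 2.5 s is among the refused ones, while its retry at 9.0 s succeeds only because the stale entries have timed out by then.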