Distributed Denial of Service Cheat Sheet

The CERT Societe Generale has released another cheat sheet, this one on Distributed Denial of Service (DDoS), freely available here [1]. "This Incident Response Methodology is a cheat sheet dedicated to handlers investigating on a precise security issue." [1]


[1] http://cert.societegenerale.com/resources/files/IRM-4-DDoS.pdf

Previously published cheat sheets:

Worm Infection - http://cert.societegenerale.com/resources/files/IRM-1-Worm-Infection.pdf
Windows Intrusion - http://cert.societegenerale.com/resources/files/IRM-2-Windows-Intrusion.pdf
Unix Intrusion - http://cert.societegenerale.com/resources/files/IRM-3-Unix-Intrusion.pdf

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Might be obvious for most, but I miss one critical prep:
Distribute your DNS servers/infrastructure through several AS! Lowering the TTL for easier switching won't do any good if the servers aren't reachable because they depend on the DDoS'ed link(s).
Guy
13 Posts
