SANS ISC: How to Handle DDoS Incidents? We're Looking for Tips. SANS ISC InfoSec Forums


The incident handling cheat sheets in an earlier diary applied to many types of security incidents. Some incidents, such as DDoS attacks, can benefit from specialized guidelines. As suggested by one of our readers, we'd like to create a cheat sheet that helps organizations during a DDoS attack. We would love for you to contribute.

If you have handled a DDoS attack, send us your advice on dealing with such incidents faster and more effectively. The tips should assume that the organization is reactive, and has not had much time to prepare for the incident in advance. We're looking for suggestions related to all stages of the DDoS incident, including detection, analysis, and mitigation.

We will compile the tips into a cheat sheet if we receive enough of them. (And thanks to those who already sent us their suggestions!)

 -- Lenny

Lenny Zeltser
Security Consulting - SAVVIS, Inc.

Lenny teaches a SANS course on analyzing malware.
