4D's CTO, David Barker, gives his tips on how to protect against DDoS attacks.
Transcription of the video is below:
The good news is you can do a few things to cover yourself (such as using access control lists) - here's my guide on how to protect against DDoS attacks, starting with a few basic tools:
If you have a router or firewall you can look at rate-limiting the traffic that's able to go through that device.
Filters and access control lists
Another method is putting in place filters and access control lists that drop malformed or spoof packets- you can look at dropping the thresholds for things like SYN floods and ICMP floods.
While these methods won't completely protect your network and devices, they can buy you some time to introduce some more long term DDoS mitigation solutions.
The black hole
You can ask your upstream provider or service provider to 'black hole' the traffic towards that target device. While this takes the device offline and effectively does the DDoS attack's job for itself, it does protect the rest of your systems and applications from the attack and allows you to keep the rest of your customers online.
A safer DDoS protection solution
The better, long term solution is a DDoS mitigation service. This sits upstream from your network and actively inspects all traffic flows towards your applications and devices.
We look for any suspicious or odd traffic behaviours and will actively block any attacks before they even reach your network. From the product you will just have a clean feed of legitimate traffic towards your devices ensuring that any attacks are blocked well before they can have an impact on your system.
For more information, see our featured DDoS solutions."