ZCorum sat down with Paul Ferguson to discuss denial-of-service attacks, and talk strategy on how best to prevent networks from being used in attacks.

Paul Ferguson DDoS AttacksAlpharetta, Georgia (July 01, 2014) – ZCorum, a leading provider of managed broadband services and diagnostics, released a new installment in their Ask a Broadband Expert series entitled Mitigating DDoS Attacks with Ingress Filtering. The article features an interview with Internet security expert Paul Ferguson, who co-wrote BCP38, the Best Current Practices policy on the subject.

A Distributed Denial of Service attack occurs when someone spoofs or fakes the return IP address within a packet to be an address on an unrelated network they’ve targeted for the attack. The attacker uses a group of compromised machines to flood the spoofed IP address with return packets, and once that begins it can completely shut down the target network. BCP38 encourages Internet Service Providers and others who route packets for large groups of users to implement ingress filtering to prevent IP spoofing in order to keep their network from being used as part of an attack. The policy was documented by the Internet Engineering Task Force (IETF), a non-commercial, not-for-profit, non-governmental organization that develops and promotes internet standards.

In the article Ferguson explains why these attacks are becoming more prevalent, who is most likely to be targeted, and why service providers should implement anti-spoofing measures. He states, “I would consider this to be Security 101, a security fundamental. If people cannot do the basic fundamentals of security then they are going to learn some very hard lessons.”

According to Arthur Skinner, Vice President of Worldwide Business at ZCorum, the number of DDoS attacks has risen sharply in the last year and they are having a greater impact when they occur. “The attackers are now making use of protocols like UDP and NTP, and they are amplifying the attacks so it doesn’t take many compromised users to have a huge impact on their victim.”