Several major websites in the Czech Republic were disrupted earlier last week after unknown attackers launched distributed denial-of-service (DDoS) attacks against them. The targets included media outlets, financial institutions and telecom operators. The Czech Computer Security Incident Response Team (CSIRT) confirmed that these DDoS attacks used the so-called SYN flood technique.
To mount such an attack, the attacker initiates a large number of TCP connections but never answers the SYN-ACK messages the targeted server sends back. The source IP addresses in the SYN packets are typically spoofed, so the server's replies go nowhere. Because new SYN packets arrive faster than the half-open connections created by earlier SYNs time out, the number of half-open connections keeps growing until the server has no memory left to accept new connections. In extreme cases, the system memory stack can overflow.
Detlev Knierim, Regional Director Eastern Europe at Citrix, says:
“Attacks like the recent ones are a serious threat to any company or institution. When the attack hits unprepared, the consequences can be dramatic and lead to a complete collapse of business operations in the worst case. So companies and organizations of all sizes should assess their security measures and see if they are protected sufficiently against SYN DoS attacks. The preventive technology is available and very effective. One way to avoid the consequences of a SYN DoS attack is using SYN cookies instead of maintaining half-open connections on the system memory stack, as, for example, any of our NetScaler appliances with system software version 8.1 or later automatically does. The appliance sends a cookie to each client that requests a TCP connection. Instead of maintaining the states of half-open connections, it allocates system memory for a connection only upon receiving the final ACK packet, or, for HTTP traffic, upon receiving an HTTP request. This prevents SYN attacks and allows normal TCP communications with legitimate clients to continue uninterrupted. Websites stay available even under SYN Flood attack. In addition, because the NetScaler appliance allocates memory for HTTP connection state only after it receives an HTTP request, it protects websites from idle connection attacks. SYN DoS protection on your NetScaler appliance requires no external configuration. It is enabled by default.”
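The SYN cookie mechanism the quote describes, as an added illustration that is not Citrix's or NetScaler's code: a simplified Python model in which the server's SYN-ACK sequence number encodes a time slot, an MSS index and a keyed hash of the connection, so spoofed SYNs leave no half-open state and memory is allocated only once a final ACK carries a valid cookie. The secret, addresses, ports and MSS table are constructed values chosen for the example.

```python
import hashlib
import hmac
import struct

# Constructed secret for the example; a real kernel keeps one like it and rotates it.
SECRET = b"constructed-demo-secret-rotate-me"
# Coarse MSS table: only its 3-bit index, not the raw MSS, fits inside the cookie.
MSS_TABLE = (536, 1220, 1440, 1460)


def _digest(saddr, daddr, sport, dport, client_isn, slot):
    """24-bit keyed hash binding a cookie to the 4-tuple, client ISN and time slot."""
    msg = struct.pack("!4s4sHHII", saddr, daddr, sport, dport, client_isn, slot)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")


def make_syn_cookie(saddr, daddr, sport, dport, client_isn, mss, counter):
    """Server ISN for the SYN-ACK: 5-bit time slot | 3-bit MSS index | 24-bit hash."""
    slot = counter & 0x1F
    mss_idx = max((i for i, m in enumerate(MSS_TABLE) if m <= mss), default=0)
    return (slot << 27) | (mss_idx << 24) | _digest(saddr, daddr, sport, dport, client_isn, slot)


def check_syn_cookie(saddr, daddr, sport, dport, seq, ack_seq, counter):
    """On the final ACK, rebuild the connection from the cookie, or return None."""
    cookie = (ack_seq - 1) & 0xFFFFFFFF      # the client acknowledges server ISN + 1
    client_isn = (seq - 1) & 0xFFFFFFFF      # and sends its own ISN + 1 as seq
    slot = cookie >> 27
    if (counter - slot) & 0x1F > 1:          # cookie older than one slot: expired
        return None
    if (cookie & 0xFFFFFF) != _digest(saddr, daddr, sport, dport, client_isn, slot):
        return None                          # forged, or replayed on another 4-tuple
    return {"mss": MSS_TABLE[(cookie >> 24) & 0x7]}


class CookieServer:
    """Handshake handling that stores nothing until a verified final ACK arrives."""
    def __init__(self, daddr, dport):
        self.daddr, self.dport, self.counter = daddr, dport, 0
        self.established = {}                # the only per-connection state kept

    def on_syn(self, saddr, sport, client_isn, mss):
        # Reply with a SYN-ACK whose ISN is the cookie; no half-open entry is created.
        return make_syn_cookie(saddr, self.daddr, sport, self.dport, client_isn, mss, self.counter)

    def on_ack(self, saddr, sport, seq, ack_seq):
        conn = check_syn_cookie(saddr, self.daddr, sport, self.dport, seq, ack_seq, self.counter)
        if conn is not None:
            self.established[(saddr, sport)] = conn
        return conn is not None
```

Feeding the server thousands of SYNs from spoofed sources leaves `established` empty, while a client that completes the handshake within the cookie's validity window is accepted with its MSS recovered from the cookie.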