network background popup

DDoS Blog

What is HTTP 468?

Once upon a time DOSarrest used the same status code (403 Forbidden) to respond to any illegitimate traffic. For webservers this is sufficient, but sometimes people want to know why a request is forbidden. As we added more and more filters that 403 became less and less meaningful, so we started to[...]

Aug 1st 2019

Using Network Tools Like DOSarrest’s DTA To Mitigate DDoS Attacks

Last week we announced a new service offering called the DOSarrest Traffic Analyzer (DTA), essentially a cloud netflow/jflow/sflow ingestion and analyzer platform that leverages our Big Data platform we developed inhouse a few years ago and are now making available to you. For this blog, I’ll deta[...]

Apr 15th 2019

Cross Site Scripting attack illustrated

Wordpress plugin, Social Warfare exposes sites to XSS attacks, was the alert that went out on March 21st 2019. A plugin named "Social Warfare" used by Wordpress sites allowed hackers to inject code into their websites, its estimated that 70,000 websites were effected. It was labelled as A "Zero-Day"[...]

Mar 26th 2019

Network Intelligence as a Service DOSarrest Traffic Analyzer

This month we launched a new exciting product called the DOSarrest Traffic Analyzer (DTA), taking an inhouse platform that has been essential in providing real time security analytics and actions for the DOSarrest network, and making it available for customers to help with their own networks. In a n[...]

Mar 21st 2019

Understanding Positive and Negative model Firewalls and WAFs

Web Application Firewalls are a vital component to a healthy security position.Traditional security appliances, like firewalls, are not designed to evaluate all of the intricacies of modern applications. Traditional firewalls evaluate network layer information, comparing traffic against a list of c[...]

Mar 1st 2019

How do you stop Scraping ?

How do you stop Scraping ? There are a number of ways to go about this including buying a subscription of scraping bots that have been identified and then applying an Access Control List(ACL) to prevent them from accessing your web properties. DOSarrest develops its own software to thwart any mali[...]

Oct 26th 2018

The Rise and Reasons for SSL based attacks

When one thinks of SSL and Encryption, the de facto assumption is that it automatically makes IT systems safer, and for the most part, this assumption is mostly true: SSL/TLS encryption has been instrumental in providing users the confidence for online data transactions over the last 20 years. Howev[...]

Sep 24th 2018

Stateless Single Sign-on

Building a single sign-on feature (SSO) for stateless applications can be challenging. Stateless applications are the new way of building web applications. Back in the day, web applications would hold a session for each logged in user; this led to many issues in the area of scalability, availability[...]

Jun 29th 2018

A Tale of Terabits: Don’t Forget about Mirai

The attacks generated by the latest amplification attack methodology, eponymously named Memcache (a popular open source distributed memory caching system), have so far generated the largest DDoS attacks to date. Within a one week period, Memcache has created two attacks registering at 1.3 Tbps and 1[...]

Mar 19th 2018

Machine Learning Model Selection

Got Machine Learning?Machine learning has been an industry buzz word for the last few years. More and more frequently it’s being sought after by potential customers. Unfortunately, machine learning is rarely sought as a solution to a particular problem, rather it is simply treated as an item on a[...]

Mar 10th 2018

DDoS Article Categories