A Closer Look at IP Address Based Solutions to DDoS Attacks
DDoS or Distributed Denial of Service is a form of attack meant to take down a website. This type of attack employs massive data requests to the website - so massive that it will take up huge resources from the website that the website will eventually go down. According to compTIA, DDoS floods the website with requests that it will eventually block actual users from access.
Fortunately, there are numerous solutions a company could employ to prevent or address a DDoS attack. Some of these solutions are IP address based although careful consideration should be taken when opting for an IP address based solution.
IP Address Filtering
A DDoS attack uses multiple IP addresses to take down a website or an online service. Security experts and webmasters should be able to identify these IP addresses as they are often associated with high traffic. Blocking these IP addresses should be implemented immediately and IP address filtering should be put in place.
The beauty of IP address filtering is its relatively easy implementation. A webmaster should be able to implement this solution which could effectively block IP addresses associated with DDoS attacks.
However, this type of solution should only be temporary or a stop gap while other security options are considered. A DDoS attack may eventually use a different set of IP addresses - leading to a virtual cat and mouse scenario with an attacker. It should be noted as well that even though this is only a temporary solution, this solution should be implemented with the ISP because a blocked IP address will still hit the website's security resources.
IP Address Migration
An IP address migration will literally replace the current IP address of the website. Just like IP address filtering, this type of solution can also be executed by a webmaster as it simply transfers the web resources of the site outside the target of the attack.
Unfortunately, just like IP address filtering, this type of solution is only temporary. A persistent attacker will eventually find the website again and simply restart the attack. If anything, this type of solution gives the web admin time to look for a more effective as well as permanent solution to DDoS and similar types of attacks. This solution is also not ideal for websites that rely on outside resources because it will have to reconfigure connection due to the changes on the site's IP address.
Geo Blocking Access
Another form of IP-based protection is to enable geo-blocking. After logging the source of attacks, a web administrator can implement geo-blocking - specifying a country or countries that will not be permitted to access the website.
This is also a temporary solution to DDoS attacks. It also carries additional consequences especially for companies or businesses with international presence. It could inadvertently block legitimate users from access and even workers who opted to work remotely.
Modern Problems Call for Modern Solutions
Unfortunately, an IP address based solution for DDoS types of attacks should be considered as temporary solutions while a more permanent solution is being formulated and implemented. According to eSecurityPlanet a DDoS attack may come with a ferocious 3.47TB of data request per second - a staggering amount of data request that could easily cripple even a big business. A well established online business could lose millions in revenue if a DDoS attack takes place that eventually cripples the website for days.
It's always important to prepare for this type of attack especially businesses or websites that host sensitive service and information. Initial IP address based solution could be a temporary solution but there should be a plan once the temporary solution expires.