Best Practices Guide for DoS/DDoS Prevention In this document are guidelines that can be implemented in order to prevent future Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks on the university. No one individual practice, contained in this guide, will act as a perfect form of prevention, but will instead act as an additional layer of security. By combining these practices, the chances of another DoS/DDoS attack succeeding will be greatly diminished.
Acceptable Use Policies
Acceptable Use policies define the types of actions that are allowed to be performed on systems and the network. These policies also define the actions that are to be taken if the policy is violated.
For the university, a policy may be created which states that can only use the computers for functions related to the school. This usage could be limited to homework and research, for example. If the computer is used for anything else, penalties could range from temporary suspension of computer privilege to expulsion, depending on the number and/or severity of the offenses.
This policy would have to be made publically available. This could be done in a number of ways, including, but not limited to, posting it in the computer labs, adding the acceptance of it to the login process, and redirecting the user to it if the user attempts to install software or access a prohibited folder.
Incident Response Procedures Incident Response procedures define the steps to take if any incident occurs. This document lists who the responders are, and what actions need to be taken. The university’s Incident Response document should cover the following:
Who the respondents are, along with their individual responsibilities
Details as to when the team should respond. Different priorities should be given based on the varying types of systems, and incidents
Who, on the response team, makes