0

Would having back up servers which kick in instantly when the primary server goes down kill a DDoS attack or just delay it? How many networks, distributed, would a midsize company need to withstand a DDoS attack?

Anders
  • 64,406
  • 24
  • 178
  • 215
Felicity Murphy
  • 11
  • 1
    As a midsize company you will not have enough resources to withstand arbitrary heavy DDoS attacks even if you have the fastest systems because at one point the bandwidth is saturated. And no backup system will kick in instantly, i.e. there will be always some delay. How much delay will be an how much DDoS you can deal with depends on the amount of money you are willing to spend in protecting your systems. But this is about the amount of certain detail which can be given to this broad answer. Also, `distributed-computing` is not about DDoS or DDoS protection so I've removed this tag. – Steffen Ullrich Dec 27 '17 at 10:48
  • @SteffenUllrich - removed my answer since you were entirely correct. – Hector Dec 27 '17 at 11:24
  • There are different kinds of DDOS attacks and different kinds of targets. Please specify. – Philipp Dec 27 '17 at 13:09
  • Not exactly an answer to your question, but https://security.stackexchange.com/questions/134767/how-can-isps-handle-ddos-attacks/134770#134770 has a summary of some of the ways ISPs handle DDoS attacks. Adding some additional servers available may help a little bit, but won't help you deal with attacks volumetric attacks which will just saturate your own and possible upstream network, and these are very common. – Teun Vink Dec 27 '17 at 15:13

1 Answers1

2

Maybe. It depends on whether or not you have a single point of failure that is the target of the DDoS.

If you have a domain, an IP, an ISP, and a server farm all serving your business, and this gets attacked, then, standing up a new domain, IP, ISP, and server farm will help to mitigate the attack, as long as the attack does not change to target your new location.

If you do not change all those things, like the domain, then the attack could automatically switch over to the new IP, ISP, and server farm once you redirect the domain to the new location. Same thing for each element.

So, yes, given the idea that a DDoS attack is limited in scope, then yes, setting up resources outside that scope could work (until the attack retargets). But, any single point of failure could bring your mitigations down.

schroeder
  • 123,438
  • 55
  • 284
  • 319