Denial of service attacks

Denial of service (DOS) attacks are comparatively rare amongst the types of security incidents that are reported to Janet. The majority of DOS attacks are unsophisticated and subsequently short-lived, causing only minor issues for us due to our network capacity.

Unfortunately, a small number of DOS attacks do result in problems for members of our community. Janet?s resilient infrastructure has been designed as an open, multihomed network with a very high capacity. This type of architecture means that whilst we can't prevent all sources of attack, we do endeavor to block and filter attacks as soon as they are detected. However, in most cases, attacks are best filtered on your own network, where application level filtering becomes a feasible proposition.

We recommend implementing a recovery plan in case your organisation is subject to a DOS attack, and advise that you regularly review and update this document. Commercial products and services that provide anti-DOS measures at network and application layers are available and you should consider these alongside internal processes such as simply relocating the application.

The foundations for a mature security management process will lie in a risk-based approach, which not only takes into account the likelihood of a threat occurring but also includes the cost of implementing appropriate controls.