NordVPN Promotion

Home / Blogs

Identify DDoS Attacks with Monitoring of Internal Applications (Part 1 of 3)

Most cloud DDoS mitigation services are offered on demand meaning that customers can enable the service when they are the victim of a DDoS attack.

But how can a company find out—quickly—that it is under attack? Sometimes it is difficult to know.

In this three part series, we will examine multiple monitoring tools companies can use to capture DDoS, which can help determine whether you are under a DDoS attack.

Option #1 – Internal server, network and infrastructure monitoring applications

Companies have a lot of monitoring software and applications to choose from, but one of the more popular pieces of software, called Nagios, allows you to monitor internal infrastructure status and performance of applications, services, operating systems, network protocols, system metrics and network infrastructure.

For example, monitoring software can check your HTTP service to ensure that a Website or Web server is functioning properly, and if the service is not functioning, most software includes real-time notification. Because most DDoS attacks target a Web server or application server, monitoring software may show the HTTP service to be experiencing a problem with slowness, high memory/CPU utilization or complete failure. In these situations, something is obviously wrong and it could be a DDoS attack.

While monitoring servers and infrastructure are helpful, there is no guarantee that DDoS is the culprit. Abnormal spikes in traffic and usage do occur for legitimate reasons.

It’s up to the IT administrator to then assess the data and determine whether to enable a DDoS mitigation service.

Stay tuned for the next segment in our three-part series where we discuss external performance monitoring in the cloud.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Donald Lee, Technical Sales Engineer at Neustar

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

DNS

Sponsored byDNIB.com

NordVPN Promotion