User:Fzy92/sandbox

Block Dos
Block Dos is a Canadian-based DDoS mitigation company.

Hi-Speed Border Filtering...
BlockDos has established peering connections with multiple core Internet Service Providers to provide multi-gigabit attack protection. Each peer is closely monitored and continuously evaluated in order to deliver the fastest response time to customer's critical and latency-sensitive applications.

At BlockDos border, traffic is filtered for bandwidth flood using wire-speed Access Control Lists. BlockDos also keeps tracking lists of bogon IPs and infected hosts which are also filtered at this layer.

Deep Packet Inspection...
At this level, protocol state such as TCP three-way handshake is verified. SYN DDoS flood and other similar DDoS attack attempts that do not conform to protocol standard are also filtered out. To mitigate spoofed attacks, BlockDos uses challenge-response algorithms like TCP SYN cookie and TCP SYN Authentication to distinguish between spoofed and legi timate traffic.

Adaptive Filtering...
BlockDos enforces both Statistical Analysis and Anomaly Recognition filtering for zero day attacks. Using Statistical Analysis, unusual number of packets or high traffic rate from zombie clients can be identified and filtered. Using Anomaly recognition, auto-learning of normal baselines for protocol and source networks flows can be used to identify and filter malicious activities.

Flexible-Content Filtering...
BlockDos prevent DDoS Mitigation system continously monitors application traffic for unusual pattern and behavior. Using its proprietary pattern recognition and analysis system, BlockDos deters morphing HTTP flood attacks by adapting flexible-content filters to counter evasive intents rapidly.

Application Level Filtering...
BlockDos deep packet inspection engine provides comprehensive application-layer intelligence, allowing BlockDos to understand what applications are running on the client's network to efficiently select and deter application traffic violations. With increasing number of attacks from larger-sized clients (or zombies) using valid established connections to overwhelm the system resources, BlockDos anti-zombie system mitigates such HTTP attacks by using a challenge response authentication process to differentiate between legitimate browsers and zombie programs that access the attacked site. To further mitigate application specific level attacks - HTTP attacks, BlockDos can enforce intelligent HTTP Malformed filtering to ensure the validity of HTTP transactions, and limit the number of connections or requests to specific objects.

Rate-Limiting...
Rate-limiting will be applied to further limit exploitation of system and bandwidth resources against baseline statistic.

Reference
