DDoS War Games: Strengthen Your Team & Systems By Attacking Them

Meeting Date: 
Wednesday, August 2nd 6:00 PM to 8:00 PM
Presenter: 
Shannon Weyrick

DDoS mitigation is an ever-evolving art. Architectures change, attackers get more creative, and keeping your team and tools ahead of the curve is a constant battle. So why not make DDoS preparedness fun, as well as practical? We’ll share our experiences with DDoS war games as a means of keeping your team’s skillset polished, their tools in top shape, and their spirits and confidence high.

Companies operating in the critical path of internet traffic are constantly exposed to DDoS attacks of all types and scales.  While Mirai-scale attacks generate the biggest headlines, most attacks are much smaller. Ideally, in most at-scale systems, the smaller and more mundane attacks are mitigated automatically. But because scale can vary, and attacks can progress dynamically as attackers get creative, operations teams need to be ready to respond.

Certainly, ops teams need the tools and visibility required to mitigate attacks available at their fingertips.  But they also need the institutional knowledge and the “headspace locality” required to dive into the fray to successfully and quickly mitigate new attack patterns under intense pressure.

So, how can you keep engineers from becoming complacent between major attacks?  How can you introduce DDoS identification and mitigation skills and tools to new engineers, and build the reflex-level familiarity necessary to succeed under pressure?  And how can you continually test your tools and your engineers to ensure they’ll be ready to go when you need them?

The answer is simple: attack your own platform!

“War Game” DDoS mitigation exercises have helped our engineers keep the rust off, exercised our tools, uncovered and forced us to address architectural and software constraints, and built trust and camaraderie among our team. In this presentation we’ll discuss what we’ve learned along the way: how to run “live fire” war game drills safely, using real data and realistic scenarios; tools we’ve used to generate attack traffic; best practices for operating live fire drills and getting the most out of them; and some of the benefits we have seen by pursuing this approach.

Lightning Talks

  • OpenWest Trip Report - Sean Dague
  • Currently looking for volunteers. Sign up if you'd like to give one.
Location: 

300 Rockefeller Hall, Vassar College

MHVLUG returns to Rockefeller Hall for the 2016-2017 Vassar Academic year. The best parking on site is the north lot of campus, which is accessible off of Collegeview Ave in Poughkeepsie. Once you are parked in the north lot walk south along North Drive. Rockefeller Hall is on the right, somewhat set back, as you walk down the main stretch. Enter the hall and go to the third floor. Room 300 is at the top of the stairs. The room will be open at 5pm, and people are welcome to come early.
 
When in doubt, use the map for reference.
 
Address: 
Collegeview Ave
Poughkeepsie, NY 12603
 
Map: 


View MHVLUG in a larger map