UK Dedicated Servers #dedicated #servers, #uk #dedicated #servers, #uk #dedicated #server #hosting, #best #dedicated #server #hosting #uk, #dedicated #server #hosting #cheap, #cheap #dedicated #server #uk, #cheap #dedicated #servers #uk, #dedicated #servers #gaming, #gaming #dedicated #servers, #ddos #protected #dedicated #servers, #uk #dedicated #server #provider, #windows #dedicated #servers #uk, #windows #dedicated #servers, #linux #dedicated #servers #uk, #linux #dedicated #servers, #high #bandwidth #dedicated #servers, #10gbps #dedicated #servers, #10gbit #dedicated #servers, #london #dedicated #servers, #bristol #dedicated #servers


#

UK Dedicated Servers

Memory Configuration

  • 16GB DDR4 ECC +£0.00 ex VAT/m
  • 32GB DDR4 ECC +£10.00 ex VAT/m
  • 64GB DDR4 ECC +£30.00 ex VAT/m

Drive Configuration

  • 240GB SSD +£0.00 ex VAT/m
  • 1TB HDD +£0.00 ex VAT/m
  • 2 x 240GB SSD +£7.50 ex VAT/m
  • 2 x 1TB HDD +£7.50 ex VAT/m
  • 2 x 2TB HDD +£17.50 ex VAT/m
  • 2 x 480GB SSD +£20.00 ex VAT/m
  • 2 x 960GB SSD +£30.00 ex VAT/m
  • 2 x 4TB HDD +£35.00 ex VAT/m

Transfer

  • 20TB +£0.00 ex VAT/m
  • 30TB +£15.00 ex VAT/m
  • 50TB +£45.00 ex VAT/m

IP Allocation

  • 1 x IP Address +£0.00 ex VAT/m
  • 2 x IP Addresses +£1.00 ex VAT/m
  • 3 x IP Addresses +£2.00 ex VAT/m
  • 4 x IP Addresses +£3.00 ex VAT/m
  • 5 x IP Addresses +£4.00 ex VAT/m
  • 10 x IP Addresses +£9.00 ex VAT/m
  • /27 IP Allocation (32 IPs) +£20.00 ex VAT/m
  • /26 IP Allocation (64 IPs) +£35.00 ex VAT/m
  • /25 IP Allocation (128 IPs) +£60.00 ex VAT/m
  • /24 IP Allocation +£100.00 ex VAT/m

Memory Configuration

  • 32GB DDR4 ECC +£0.00 ex VAT/m
  • 64GB DDR4 ECC +£10.00 ex VAT/m

Drive Configuration

  • 2 x 240GB SSD +£0.00 ex VAT/m
  • 2 x 1TB HDD +£0.00 ex VAT/m
  • 1 x 480GB SSD +£0.00 ex VAT/m
  • 2 x 2TB HDD +£12.50 ex VAT/m
  • 2 x 480GB SSD +£15.00 ex VAT/m
  • 2 x 4TB HDD +£25.00 ex VAT/m
  • 2 x 960GB SSD +£30.00 ex VAT/m

IP Allocation

  • 1 x IP Address +£0.00 ex VAT/m
  • 2 x IP Addresses +£1.00 ex VAT/m
  • 3 x IP Addresses +£2.00 ex VAT/m
  • 4 x IP Addresses +£3.00 ex VAT/m
  • 4 x IP Addresses +£3.00 ex VAT/m
  • 5 x IP Addresses +£4.00 ex VAT/m
  • 10 x IP Addresses +£9.00 ex VAT/m
  • /27 IP Allocation +£20.00 ex VAT/m
  • /26 IP Allocation (64 IPs) +£35.00 ex VAT/m
  • /25 IP Allocation +£60.00 ex VAT/m
  • /24 IP Allocation +£100.00 ex VAT/m

Transfer

  • 30TB +£0.00 ex VAT/m
  • 50TB +£30.00 ex VAT/m

£140.00 per month

Intel Xeon E5-1650v4 Processor

Drive Configuration

  • 2 x 480GB SSD +£0.00 ex VAT/m
  • 2 x 2TB HDD +£0.00 ex VAT/m
  • 2 x 960GB SSD +£30.00 ex VAT/m
  • 2 x 4TB HDD +£35.00 ex VAT/m

Memory Configuration

  • 64GB DDR4 ECC +£0.00 ex VAT/m
  • 128GB DDR4 ECC +£40.00 ex VAT/m

IP Allocation

  • 1 x IP Address +£0.00 ex VAT/m
  • 2 x IP Addresses +£1.00 ex VAT/m
  • 3 x IP Addresses +£2.00 ex VAT/m
  • 4 x IP Addresses +£3.00 ex VAT/m
  • 5 x IP Addresses +£4.00 ex VAT/m
  • 10 x IP Addresses +£9.00 ex VAT/m
  • /27 IP Allocation (32 IPs) +£20.00 ex VAT/m
  • /25 IP Allocation (128 IPs) +£60.00 ex VAT/m
  • /24 IP Allocation +£100.00 ex VAT/m

Transfer

  • 40TB +£0.00 ex VAT/m
  • 50TB +£15.00 ex VAT/m
  • 100TB +£90.00 ex VAT/m

How to stop a DDOS attack – Solved – Windows 7 – Tom – s Hardware #ddos #blocker


#

How to stop a DDOS attack

At the consumer level, there’s not a lot you can do.

This is the equivalent of you being inside your house, and an incessant mob outside, continuously knocking on the door. So many of them, it blocks your pizza delivery.

Pretty much all you can do is lay low for a day or two until they go away.

Ive blocked them on skype. I went offline everywere they can contact me. It has been about 20 minutes since this happened and I bet they forgot my ip. Anyways, they were 12 year olds and 15 year olds. Dunno why it freaked me out.

I seriously doubt that the childishly behaving individuals that you kicked from your server have managed to develop a hack to enslave large numbers of computers (a botnet) necessary to effectively attack your I.P. address. Should they choose to utilize their own equipment, from their own I.P.’s, that would seriously cut into their gaming time, and readily identify them to your, as well as their own Internet Service Providers. Although it would be monumentally dumb for them to do that (although I think you have already established the fact they aren’t the brightest bulbs in the drawer) people who are actually going to commit an illegal act don’t usually announce it in advance.

When you are admining your server, make sure that you have set out clear, specific, policies (rules) that everyone is expected to follow. And broadcast them to all players. That way when someone breaks those rules, everyone on the server knows exactly what to expect (they’re going to get kicked or banned).

F*** ’em. They probably won’t do anything and even if they wanted to they probably don’t have the resources.

But for the sake of the question, you should start at the router.
Close all unused ports, use shields up! https://www.grc.com/shieldsup to check and see what other people can see from your connection.
Some routers have a DDOS prevention/mitigation option, turn that on obviously.
Turn off “respond to WAN ping”

A DDoS attack attempts to push you off the internet by literally flooding you with data. A more powerful system can cope with the load better.

Now, I doubt this will happen, but if you do come under a serious DDoS attack, start logging the requests coming in. If it goes on for long enough you can get your ISP involved and have them ban certain IP ranges.

TL;DR Batten down the hatches and keep your helmet on, you’ll be fine.

Theres many things you can do, Example you can find a hacker ask him to protect you. You can also self find a metode, but you can seed on Google how to stop DDos on my pc/Garrysmod server. Or something Whatever you think they will DDos you with, but u can do many things you can say sorry to them. Or something that your only turn, but get them but try to scarry them.


DDoS Attack Predictions for 2017 #anti #ddos #tool,ddos #attack #protection #software,ddos #prevention #software,ddos #mitigation #device,ddos #protection #vendors,network #threat #protection


#

DDoS Attack Predictions for 2017

In recent months the world has witnessed the rise of new, significant high-volume distributed denial of service (DDoS) attacks. With 2016 nearly in the rear-view mirror, at Corero we are preparing for a very busy year ahead. Our threat predictions for 2017 include:

  • Terabit-scale DDoS attacks will become the new norm, impacting ISPs and the Internet backbone itself
  • Novel zero-day reflection and amplification attacks will appear with more frequency, enabling more sophisticated and targeted attacks
  • DDoS attacks will become a top security priority, with increased disruption to businesses and government due to rising threat levels.

The Mirai botnet, which was responsible for a string of attacks in recent months, including the DDoS attack against DNS provider Dyn in October, will continue to evolve as hackers take advantage of the millions of poorly-secured, Internet-connected devices currently in use worldwide. In terms of its size, the Mirai botnet is currently believed to have a population of around 300,000 compromised devices, but its population could increase significantly if hackers amend the source code to include root credentials for other types of vulnerable devices.

Corero predicts that the Mirai botnet will also become more complex in 2017, as hackers evolve and adapt the original package, equipping it with new DDoS attack methods. Mirai is currently believed to contain around ten different DDoS attack techniques or vectors which can be utilized by hackers to initiate an attack. We believe this will increase during 2017 as attackers develop new methods, and then make them open source and available for anyone to use.

While the Mirai botnet is certainly fearsome in terms of its size, its capacity to wreak havoc is also dictated by the various attack vectors it employs. If a variety of new and complex techniques were added to its arsenal next year, we may see a substantial escalation in the already dangerous DDoS landscape, with the potential for frequent, terabit-scale DDoS events that significantly disrupt Internet availability.

The motivations for DDoS attacks are endless, and the range of potential political and economic fallout from such attacks could be far-reaching. Our entire digital economy depends upon access to the Internet, so organizations should think carefully about business continuity in the wake of such events. For example, it may be prudent to have back-up telephone systems in place to communicate with customers, rather than relying solely on VOIP systems, which could also be taken down in the event of an attack.

As an example of the pace of change in the DDoS landscape, the Corero Security Operations Center recently warned of an extremely powerful new zero-day DDoS attack vector which utilizes the Lightweight Directory Access Protocol (LDAP), and has the potential to amplify attacks by as much as 55x.

Certainly the Internet community needs to prepare for potent attack vectors like this to be added to botnets like Mirai. The combination of zero-day DDoS vectors, Mirai delivery mechanisms and attacker ingenuity would seem to indicate that Terabit-scale attacks could occur more frequently next year and internet availability in states, major geographic regions or even countries could be impacted significantly. Individual DDoS attacks, on average, cost large enterprises $444,000 per incident in lost business and IT spending, so the combined economic impact from an entire region being affected would be extremely damaging.[1]

ISPs Must Play a Role in Reducing DDoS Attacks

In the wake of recent IoT-related DDoS attacks many have encouraged manufacturers to install proper security controls on internet-connected devices before they are issued. That s a step in the right direction, but ISPs also have an important role to play in reducing the number of future DDoS attacks.

At a local level, ISPs could significantly reduce the overall volume of DDoS attacks across their networks by employing systems to detect and remediate infected bots that are used to launch DDoS attacks. Furthermore, they can leverage best practices such as ingress filtering to remove the problem of spoofed IP addresses that are widely used in reflection DDoS attacks. This simple improvement to service provider hygiene would be a great initial step towards reducing the overall volume of DDoS traffic. These steps can t protect against the full spectrum of DDoS attacks, but they would speed up the global response to attacks.

ISPs will find themselves at an important crossroads next year. By working together with governments and the international community, ISPs can strengthen the underpinning infrastructure of the Internet and significantly reduce the volume of malicious traffic flowing across their networks.

It is human nature to reflect on the past and wonder about the future. The good news is that the Internet community is paying attention and network operators, in particular, are actively looking for ways to address this issue. From the conversations I have been having, I see good reason to be optimistic and I am hopeful that the number of volumetric DDoS attacks in two or three years time will be significantly reduced through the combined efforts of ISPs, device manufacturers, security vendors and even government entities. As the IT security community rallies together to better protect the integrity of the Internet, we may make tremendous progress in defending against DDoS attacks.

Share this post:


Security Assessment, VAPT, ECSA Training in Bangalore, Chennai, Mumbai, Pune, Delhi, Gurgaon, Noida, Muscat, Qatar, Dubai, Certified Security Analyst, Ethical Hacking, GPEN, Penetration Tester, Network Security Testing, Web Application Security Testing, Assessment, Bootcamp, Workshop #security #assessment, #vapt, #ecsa #training, #certified #security #analyst, #ethical #hacking, #gpen, #penetration #tester, #network #security #testing, #web #application #security #testing, #assessment, #bootcamp, #workshop, #bangalore, #chennai, #mumbai, #pune, #delhi, #gurgaon, #noida, #muscat, #qatar, #dubai, #pt, #penetration #testing, #va, #vulnerability #assessment, #countermeasures, #encryption, #patch #management, #perimeter #defense, #database #security, #firewall #architecture, #intrusion #analysis, #network #attacks, #network #scanning, #os #security, #system #hacking, #black #box #penetration #testing, #grey #box #penetration #testing, #white #box #penetration #testing, #aes, #advanced #encryption #standard, #backdoors, #bou, #buffer #overflow #utility, #brute #force #attack, #brutus, #burp #suite, #code #analysis, #code #injection #attack, #cross #site #request #forgery, #cross #site #scripting, #cryptography, #data #breach, #data #encryption #standard, #data #execution #prevention, #ddos, #distributed #denial #of #service, #dmz, #demilitarized #zone, #dos, #denial #of #service, #dep, #des, #digital #signature, #directory #traversal, #emet, #enhanced #mitigation #experience #toolkit, #enumeration, #footprinting, #gak, #government #access #to #keys, #google #hacking, #hacktivism, #hijacking #webservers, #honeypots, #ibm #appscan, #identify #theft, #ids, #intrusion #detection #system, #ip #address #spoofing, #ips, #intrusion #prevention #system, #keystroke #loggers, #kismet, #ldap #injection, #linux #hacking, #malware, #man-in-the-middle #attack, #metasploit #architecture, #nessus, #nmap, #packet #sniffing, #paros, #password #cracking, #phishing, #pki, #public #key #infrastructure, #privilege #escalation, #reconnaissance, #rsa, #rivest #shamir #adleman, #rootkits, #san #cwe #top #25, #sha, #secure #hashing #algorithm, #ssh, #secure #shell, #ssl, #secure #sockets #layer, #session #hijacking, #snmp, #simple #network #management #protocol, #siv, #system #integrity #verifiers, #snort, #social #engineering, #solar #winds, #spyware, #sql #injection, #steganography, #thread #modeling, #threat #profiling, #tls, #transport #layer #security, #trojans, #utm, #unified #threat #management, #virus, #wep #encryption, #wepcrack, #worms, #wpa #cracking


#

A penetration test is done to evaluate the security of a computer system or network by simulating an attack by a malicious user / hacker. The process involves active exploitation of security vulnerabilities that may be present due to poor or improper system configuration, known and / or unknown hardware or software flaws, or operational weaknesses in process or design.

This analysis is carried out from the position of a potential attacker, to determine feasibility of an attack and the resulting business impact of a successful exploit. Usually this is presented with recommendations for mitigation or a technical solution.

About this workshop

This workshop gives an in-depth perspective of penetration testing approach and methodology that covers all modern infrastructure, operating systems and application environments.

This workshop is designed to teach security professionals the tools and techniques required to perform comprehensive information security assessment.

Participants will learn how to design, secure and test networks to protect their organization from the threats hackers and crackers pose. This workshop will help participants to effectively identify and mitigate risks to the security of their organization s infrastructure.

This 40 hour highly interactive workshop will help participants have hands on understanding and experience in Security Assessment.

A proper understanding of Security Assessment is an important requirement to analyze the integrity of the IT infrastructure.

Expertise in security assessment is an absolute requirement for a career in information security management and could be followed by management level certifications like CISA, CISSP, CISM, CRISC and ISO 27001.

There are many reasons to understand Security Assessment:

  • Prepare yourself to handle penetration testing assignments with more clarity
  • Understand how to conduct Vulnerability Assessment
  • Expand your present knowledge of identifying threats and vulnerabilities
  • Bring security expertise to your current occupation
  • Become more marketable in a highly competitive environment

Therefore this workshop will prepare you to handle VA / PT assignments and give you a better understanding of various security concepts and practices that will be of valuable use to you and your organization.

This workshop will significantly benefit professionals responsible for security assessment of the network / IT infrastructure.

  • IS / IT Specialist / Analyst / Manager
  • IS / IT Auditor / Consultant
  • IT Operations Manager
  • Security Specialist / Analyst
  • Security Manager / Architect
  • Security Consultant / Professional
  • Security Officer / Engineer
  • Security Administrator
  • Security Auditor
  • Network Specialist / Analyst
  • Network Manager / Architect
  • Network Consultant / Professional
  • Network Administrator
  • Senior Systems Engineer
  • Systems Analyst
  • Systems Administrator

Anyone aspiring for a career in Security Assessment would benefit from this workshop. The workshop is restricted to participants who have knowledge of ethical hacking countermeasures.

The entire workshop is a combination of theory and hands-on sessions conducted in a dedicated ethical hacking lab environment.

  • The Need for Security Analysis
  • Advanced Googling
  • TCP/IP Packet Analysis
  • Advanced Sniffing Techniques
  • Vulnerability Analysis with Nessus
  • Advanced Wireless Testing
  • Designing a DMZ
  • Snort Analysis
  • Log Analysis
  • Advanced Exploits and Tools
  • Penetration Testing Methodologies
  • Customers and Legal Agreements
  • Rules of Engagement
  • Penetration Testing Planning and Scheduling
  • Pre Penetration Testing Checklist
  • Information Gathering
  • Vulnerability Analysis
  • External Penetration Testing
  • Internal Network Penetration Testing
  • Routers and Switches Penetration Testing
  • Firewall Penetration Testing
  • IDS Penetration Testing
  • Wireless Network Penetration Testing
  • Denial of Service Penetration Testing
  • Password Cracking Penetration Testing
  • Social Engineering Penetration Testing
  • Stolen Laptop, PDAs and Cell phones Penetration Testing
  • Application Penetration Testing
  • Physical Security Penetration Testing
  • Database Penetration testing
  • VoIP Penetration Testing
  • VPN Penetration Testing
  • War Dialing
  • Virus and Trojan Detection
  • Log Management Penetration Testing
  • File Integrity Checking
  • Blue Tooth and Hand held Device Penetration Testing
  • Telecommunication and Broadband Communication Penetration Testing
  • Email Security Penetration Testing
  • Security Patches Penetration Testing
  • Data Leakage Penetration Testing
  • Penetration Testing Deliverables and Conclusion
  • Penetration Testing Report and Documentation Writing
  • Penetration Testing Report Analysis
  • Post Testing Actions
  • Ethics of a Penetration Tester
  • Standards and Compliance

Two-year jail sentence for teen who hacked Xbox #runescape #ddos #tool


#

Two-year jail sentence for teen who hacked Xbox

Wednesday 26th April 2017

Share this article

A crucial step in protecting the games industry from cyber crimes has been made this week as a man has been jailed for two years after hacking Xbox Live and other gaming services.

Adam Mudd, 20, committed over 1.7m attacks on websites and networks such as Minecraft and TeamSpeak, as well as Xbox Live and other Microsoft businesses. These were carried out after he created the Titanium Stresser program when he was 16 – a tool he then sold to other cybercriminals, The Guardian reports.

He was also accountable for 594 distributed denial of service attacks against 181 IP addresses between December 2013 and March 2015.

Mudd pleaded guilty, with the judge noting that his crimes had caused choas “from Greenland to New Zealand, from Russia to Chile”. The judge added this sentence needed to have a “real element of deterent”.

“I have a duty to the public who are worried about this, threatened by this, damaged by this all the time,” he said. “It’s terrifying.”

Mudd, who previously had undiagnosed Asperger syndrome, also admitted to breaching the security of his college, the West Herts College. This crashed the institute’s network and cost �2,000 to investigate, even affecting 70 other schools and colleges as well as local councils. Mudd claimed this was revenge after he was reportedly mugged at college but no action was taken.

His crimes against the games industry are said to be about improving his status in the online community, although he also benefitted financially. Sales of Titanium Stresser earned him the equivalent of �386,000 in US dollars and bitcoins.

The program was revealed to have 112,000 registered users, who used it to attack 666,000 IP addresses – 53,000 of which were in the UK. One notable target was Cambridge-based studio Jagex and its popular MMO RuneScape. 25,000 DDoS attacks against the company prompted Jagex to spend �6m on defending itself, resulting in a revenue lss of �184,000.

According to The Guardian, Mudd showed no emotion as he was taken away to a young offender institution.

Sign up for The Daily Update and get the best of GamesIndustry.biz in your inbox.


The Hack FAQ: Denial of Service Basics #ddos #hacking


#

5.0 Denial of Service Basics

This section covers basic info regarding Denial of Service attacks.

5.1 What is Denial of Service?

DoS (Denial of Service) is simply rendering a service incapable of responding to requests in a timely manner. This is a controversial subject, since some people think that DoS is not a hack, and/or is rather juvenile and petty. We prefer to think of them as just one more kind of tool in the toolbox, and as such, will continue to include material on them in the Hack FAQ. Ask yourself which is more alarming – the number of kids trying DoS attacks, or the number of DoS attacks that succeed?

Regardless of your feelings, DoS has been steadily gaining in popularity, whether with hackers mad at other hackers, sysadmins mad at spammers, or whatever – virtually everyone we’ve run into that is aware of the potential of DoS at least has software to do it, admins included.

5.2 What are some DoS scenarios?

Reasons that a hacker might want to resort to DoS might include the following:

  • A trojan has been installed, but a reboot is required to activate it.
  • A hacker wishes to cover their tracks very dramatically. or cover CPU activity with a random crash to make the site think it was just a fluke.
  • The hacker is acting out of the need (or delusion) that the DoS serves a greater good, such as a DoS attack on Pro Life sites by Pro Choice believers.
  • The hacker isn’t a hacker at all, but a pissed off lamer who has a poor outlook and too much free time.

Reasons that a sysadmin might use DoS:

  • A sysadmin may want to ensure that their site is not vulnerable by testing out the latest patch.
  • A sysadmin has a runaway process on a server causing problems and cannot physically access the box (Simple Nomad has officially done this twice now).
  • The sysadmin isn’t a sysadmin at all, but a pissed off lamer who has a poor outlook and too much free time.

5.3 What is the Ping of Death?

The Ping of Death is a large ICMP packet. The target receives the ping in fragments and starts reassembling the packet. However, due to the size of the packet once it is reassembled, it is too big for the buffer and overflows it. This causes unpredictable results, such as reboots or system hangs.

Windows NT is capable of sending such a packet. By simply typing in “ping -165527 -s 1 target” you can send such a ping. There are also source code examples available for Unix platforms that allow large ping packets to be constructed. These sources are freely available.

Most systems have patches available to prevent the Ping of Death from working. However, it is still included here for historical reasons, as the Ping of Death helped get the whole DoS craze really going, since it was so easy to perform.

5.4 What is a SYN Flood attack?

In the TCP/IP protocol, a three-way handshake takes place as a connection to a service is established. First, in a SYN packet from the client, to which the service responds with a SYNACK. Finally, the client responds to the SYNACK and the connection is considered established.

A SYN Flood attack is when the client does not responsd to the service’s SYNACK and continues to send SYN packets, tying up the service until the handshake times out. The source address of the client is forged to a non-existant host, and as long as the SYN packets are sent faster than the timeout rate of the service host’s TCP stack, the service will be unable to establish new connections..

This is only a simplified version of what happens, though. For more elaborate details and sample Linux code for creating a flood, read Project Neptune .

5.5 What are other popular DoS attacks?

Most others involve ICMP packets (such as used in ‘ping’) to create massive floods of traffic, or other packet malformations. Search for winnuke, smurf, or teardrop for more details, or visit one of the many sites dedicated to providing such tools, such as Packetstorm .

5.6 What are distributed DoS attacks?

Distributed DoS attacks are an interesting phenomena. The premise goes like this:

  • Attacker compromises 500 computers
  • Attacker installs special software to listen for commands and send massive loads of packets
  • Attacker uses special client software to send commands to 500 computers to direct them to flood a victim network

There are already several such tools available, such as Trinoo, TFN2K, and stacheldraht. Look for them on Packetstorm .

5.7 How can I discover new DoS attacks?

New DoS attacks are fairly easy to discover. Flooding any service or system with malformed or excessive packets and observing the behavior will tell you if you’ve discovered something interesting. It is advised that you test this kind of thing against home systems or cooperating friends until you’ve perfected your techniques. Often, it is easy to trace the source of such attacks, especially if you launch then from your home system without IP forgery, and since DoS is illegal against systems you don’t have permission to attack, and may violate your ISP’s acceptable use policy, you might want to be careful.

5.8 How does one defend against DoS attacks?

Oh, you want an answer? Well, it often isn’t easy to defend against DoS attacks, but there are a few things you can do. For defending against your Ping of Death style of attacks (malformed packets that crash a service or the system itself), the best line of defense is to keep your systems patched up, and to put a firewall between yourself and the Internet that is patched up. This really is the best method.

As far as bandwidth stealing attacks, such as floods, there is not a lot you can do. Packetstorm ran a contest that posed the question as far as distributed attacks go, and several of the concepts in numerous papers can be applied across the board to any DoS attack. The best papers included:

Protecting Against the Unknown by Mixter This long “college disertation” style paper covers all kinds of security problems. Purgatory 101: Learning to cope with the SYNs of the Internet by NightAxis and RFP This is the paper that probably should have won since it addressed the idea of tracing the attack down. Strategies for Defeating Distributed Attacks by Simple Nomad This paper outlines methods on defeating the stealth communications used by most distributed attack systems, and was the one we hoped would win.