4. Defense strategies for denial of service attacks
Defenses against denial of service attacks usually include intrusion detection, traffic filtering and multiple authentication. Traffic that would saturate network bandwidth is filtered out, while normal traffic passes through. Firewall rules can allow or deny specific communication protocols, ports, or IP addresses. When an attack originates from a small number of abnormal IP addresses, a simple deny rule can block all traffic from the attacking IPs. Complex attacks are difficult to stop with simple rules. For example, when port 80 (web service) is attacked, it is not possible to deny all communication on that port, because legitimate traffic would be blocked at the same time.
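The difference between a per-source deny rule and a port-wide deny rule can be seen on a small flow log. The following is an added example, not code from the original page: the flow records, the addresses (documentation ranges), the 10-second window and the 20-request limit are all constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10   # assumed sliding-window length
MAX_REQUESTS = 20     # assumed per-source request limit inside one window
ATTACKERS = ("203.0.113.10", "203.0.113.11")               # constructed sample sources
CLIENTS = ("198.51.100.1", "198.51.100.2", "198.51.100.3")  # constructed sample sources

def build_sample_flows():
    """Constructed flow log: (timestamp_seconds, source_ip, destination_port)."""
    flows = []
    for src in ATTACKERS:   # 5 requests per second to port 80 for 10 s
        flows += [(t / 5.0, src, 80) for t in range(50)]
    for src in CLIENTS:     # one request every 2 s to port 80
        flows += [(float(t), src, 80) for t in range(0, 10, 2)]
    return sorted(flows)

def find_abnormal_sources(flows, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
    """Return sources that send more than `limit` requests within `window` seconds."""
    recent = defaultdict(deque)   # source IP -> timestamps still inside the window
    abnormal = set()
    for ts, src, _port in flows:
        stamps = recent[src]
        stamps.append(ts)
        while ts - stamps[0] >= window:   # expire timestamps older than the window
            stamps.popleft()
        if len(stamps) > limit:
            abnormal.add(src)
    return abnormal

def apply_deny_rules(flows, denied_sources=(), denied_ports=()):
    """Drop a flow if its source or destination port matches a deny rule."""
    return [f for f in flows
            if f[1] not in denied_sources and f[2] not in denied_ports]

def compare_rules(flows):
    """Count legitimate and attack flows that pass under each rule set."""
    def count(passed):
        legit = sum(1 for f in passed if f[1] in CLIENTS)
        return {"legitimate": legit, "attack": len(passed) - legit}
    abnormal = find_abnormal_sources(flows)
    return {
        "deny_abnormal_sources": count(apply_deny_rules(flows, denied_sources=abnormal)),
        "deny_port_80": count(apply_deny_rules(flows, denied_ports={80})),
    }

if __name__ == "__main__":
    print(sorted(find_abnormal_sources(build_sample_flows())))
    print(compare_rules(build_sample_flows()))
```

Denying only the abnormal sources lets every legitimate request through, while denying port 80 stops the attack and the legitimate clients alike.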
Traffic cleaning is another common method. Incoming traffic is passed through DDoS defense software, which distinguishes normal traffic from malicious traffic. Normal traffic is returned to the customer's website, and the rest is blocked. Load balancer technology can also be used to distribute network traffic, avoid single points of failure, and improve the fault tolerance of the system. A Content Delivery Network (CDN) can cache website content, reduce the load on the origin server, and absorb some of the attack traffic.