Botnet Attacks ARE Personal Attacks Typically Run By One Person Against You ... Your Move?

 



DDoS Solutions - Digital Forensics

We offer our clients in-depth digital private investigations and mitigation. We provide the information you will need to proceed if you want to litigate or prosecute the attacker. We offer years of experience tracking down hackers, and have contacts within various government agencies. We strive to provide excellence, which you will see through our product.


Confidentiality is a core value of DDoS Solutions. We take it seriously. We implement alternate storage of all the sensitive data, and communicate on a confidential basis with our clients. Our clients can rest assured that details of the attack threat against them will remain quiet if this is their personal preference.


Our services offer our clients the ability to show insurance companies, shareholders, customers, and company management that action has been taken regarding attacks. We provide reports that may be used to explain to board members, stock investors, or management what is being done. By using terms and analogies that can be understood by non-technical members of your operation, we strive to help our clients communicate with all of their stakeholders. If requested we will also speak with your management to help better explain what has happened, and what is being done about it.


Is your company ready for a DDoS Attack? Does your Hosting ISP vendor know how to mitigate DDoS Attacks? Did you know that most attacks can be mitigated with great success without the use of expensive hardware solutions?

Business on the Internet

Business on the Internet today is akin to living in the worst part of Harlem in New York City in the 1970's before restoration. This is the current state of the Internet. CyberCrime is raging out of control with threats similar to what Harlem was experiencing almost forty years ago. Credit Card Fraud, Extortion, Theft, Lost Income relating to FIRES and Vandalism (Denial of Service Attacks) are reaching epidemic proportions.


The major players have finally awakened to what many of us have known for some time. Botnets are getting more sophisticated in terms of technology and firing power. Botnets are no longer simple robots; they often consist of multiple modules. They are constantly morphing and modifying themselves by adding new modules as Command and Control Central tweaks malware-infected hosts. Some Bot.exe modules even attack competitors' Bot.exe files to keep them from sharing your bandwidth.


The largest Botnets today can easily take down any website in the world if they focus their entire Botnets on a specific target. This is not just about web presence anymore. Entire countries can be successfully attacked, if they are not properly prepared, by the largest Botnet today on the Internet, Storm Worm. This evolution is putting the entire Internet Business Model and our communications infrastructure at risk.

DDoS Attacks are ESCALATING Dramatically

If you feel safe, you will probably want to take a look at a report by Arbor Networks that shows otherwise, to get a feel for the enormous size of the problem. Please do not take a shortcut to their report. Fill in the brief request form for it. The report is meaningful and they are a fine company, as is Prolexic. So go through the process. Prolexic has periodically taken off their mitigating hat and hunted down specific targets, which shows a genuine concern for their customers. Next, check the capacity of the data center(s) handling your servers and tell us that you feel safe. Typically web servers are hosted on 10Gbps data connections; the attacks in the Arbor Networks report, which can be downloaded here, were as much as 70 percent higher.


Our current Internet protocols were built to ensure packet delivery between any two points on a network in a catastrophic event. TCP/IP handles this function remarkably well. The protocol was not designed for open international networks with technically competent criminals who know how to exploit it and want to.


If you read eWeek.com's article “Is the Botnet Battle Already Lost?” you will see that many have already thrown in the towel. They think we are so far behind that we cannot recover because of having ignored the root cause of Botnets too long. We do not believe this is true because we know we can find the majority of them. Yes, DDoS Attacks have reached epidemic levels and are driving the cost of the Internet business model up; but the battle is definitely not lost.


It is unfortunate that while most of the industry has been sleeping and profiting from DDoS Attacks in many segments (bandwidth providers, mitigation hardware and software, and others), the Bot Herders have continued to improve their software and their tactics. Storm Worm is currently not findable for various reasons. But the best minds in the industry, including our brightest here at DDoS Solutions, are endeavoring to find a solution. If someone attempts to extort money from you, please verify with us that it is a valid Storm Worm Attack, because most of the other attacks can be found today. Please check our FREE OFFER on analyzing TcpDumps for the first five web links we receive each day at no charge to confirm type of attack and mitigation.

ARE YOU PART OF THE SOLUTION?

One of our founders asked his grandfather why he kept that small lock on the entry to his workshop that contained tens of thousands of dollars worth of equipment because it just seemed so insignificant to him as a deterrent to break-in.


His grandfather laughed and told him “Son, that lock is not to keep criminals from breaking in; that lock is to keep honest people honest. I want them to know this is my property and that I care about it.”


What have we as an industry done to send the message out that we care about our business and our property? Have we done the basics to keep honest people honest?


Is it Standard Operating Procedure in your company to document a DDoS attack by taking a raw tcpdump to log the attack? If not, does your hosting provider? If neither you nor your hosting provider does, then your lack of action makes you a part of the problem and not the solution. Without a tcpdump there is no hard data to give the authorities regarding the attack to help in a speedy arrest. Have you proactively asked what is done with the data that is filtered or null routed during an attack? This is valuable information, so why not?


Does your mitigation provider give you the data of the IPs and packets null routed during an attack and offer you BGP Backtrace? If not, why not? That valuable information is the equivalent of a security camera running during a bank robbery; not getting it is saying you don't care. Set up good Standard Operating Procedures for DDoS Attacks. If your operations are mission critical to your business, have a plan in place to deal with it. Document the attack by running a Raw TcpDump, and saving your Apache Access and Error Logs for the same time frame, as a high priority during an attack. Make this an integral part of your Standard Operating Procedure!
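One way to script the evidence step described above, as an added example rather than DDoS Solutions' own tooling: it takes the raw capture, copies the Apache access and error logs, and writes a SHA-256 manifest so the files can later be shown to be unaltered. The interface name, log directory, packet cap and output layout are assumptions.

```shell
#!/bin/sh
# Added example: preserve DDoS evidence (raw capture, Apache logs, hash manifest).
# Assumed defaults, not from the page: eth0, /var/log/apache2, 500000-packet cap.
IFACE="${IFACE:-eth0}"
LOG_DIR="${LOG_DIR:-/var/log/apache2}"
PKT_CAP="${PKT_CAP:-500000}"

# Print the capture command: -n skips DNS lookups (so the capture adds no
# traffic of its own), -s 0 keeps full packets, -c stops after PKT_CAP packets.
capture_cmd() {
    echo "tcpdump -i $IFACE -n -s 0 -c $PKT_CAP -w $1/attack.pcap"
}

# Copy Apache access and error logs, preserving timestamps (-p) so they
# can be lined up with the capture's time frame.
collect_logs() {
    src="$1"; dst="$2"
    mkdir -p "$dst/apache" || return 1
    for f in "$src"/access.log* "$src"/error.log*; do
        [ -f "$f" ] && cp -p "$f" "$dst/apache/"
    done
    return 0
}

# Record a SHA-256 for every collected file, so the evidence handed to
# investigators can be checked against what was captured.
write_manifest() {
    ( cd "$1" && find . -type f ! -name MANIFEST.sha256 | sort \
        | xargs sha256sum > MANIFEST.sha256 )
}

# Return 0 only if every file still matches its recorded hash.
verify_manifest() {
    ( cd "$1" && sha256sum -c MANIFEST.sha256 >/dev/null 2>&1 )
}

# Run as root during an attack:  sh capture.sh run
if [ "${1:-}" = "run" ]; then
    out="ddos-evidence-$(date -u +%Y%m%dT%H%M%SZ)"
    mkdir -p "$out"
    $(capture_cmd "$out") && collect_logs "$LOG_DIR" "$out" && write_manifest "$out"
    echo "evidence saved in $out"
fi
```

Raise `PKT_CAP` if the capture ends before the attack pattern is clear, and store a copy of `MANIFEST.sha256` separately from the evidence directory.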

Who IS RESPONSIBLE

Businesses have turned a blind eye to the problem. They make a valid point that infected machines managed by poorly trained customers and flawed software / hardware code are not their problem. Law enforcement is incredibly handicapped because they are understaffed and dealing with a crime wave that crosses international borders.


Meanwhile the problem continues to escalate to the point that any web-site, any data center, in fact entire countries can be shut down at will by Bot Herders. We have given them the power and they are getting rich and enjoying life at our expense because people mistakenly believe that it does not do any good to find botnets or prosecute Bot Herders. This is terribly flawed information and the reason we are losing the war against DDoS Attacks. If you feel this way you are part of the problem and not the solution. So please read on and decide if it is worth


DDoS Attacks are Personal ATTACKS against you or your company. You or your company is a target because of a dispute, for monetary extortion, or to slow your site down to encourage your customers to go to the competitor's site because the Bot Herder is being paid. The good news is that if the Botnet Owner attacking you is arrested or confronted with identity exposure, the DDoS Attack will usually stop. A DDoS attack over a dispute, whether related to service or politics, is particularly obnoxious because there is often no logical reason or explanation for it other than the Botnet Herder having a perceived grievance against the attack target.

DDoS Solutions Finding Botnets

Finding a traditional command and control botnet whether on IRC or a Web Host is only the beginning of the story at DDoS Solutions. We also have the technology to find most P2P and Router / Server Scripted Attacks as well. While no one can claim to find every kind of DDoS Attack we do find the majority of them if we are provided with the forensic evidence of a good tcpdump taken during an attack.


Taking a 45 MB tcpdump in a reasonable size DDoS Attack takes a NOC or network technician every bit of 3 to 10 minutes. There is absolutely no excuse for not taking a TCPDUMP; in fact it is negligent not to do a tcpdump on every major DDoS Attack. We can speed the process of discovery up significantly for law enforcement with our proprietary technologies, which will lead to faster arrests when the felons are located in countries that have cyber laws. In the event the felons are in countries without cyber laws we can take steps to legally dismantle their botnets.


Anyone with law enforcement experience will tell you that criminals pay attention to the time between committing a crime and being caught for it. Criminals typically do not think about how long they are going to be in jail until after they are caught. The faster we make the cycle, the fewer that will want to commit the crime and pay the time. DDoS Solutions has been building a database on Botnets and Bot Herders for almost a decade. We are prepared and ready to serve our clients.