$30 off During Our Annual Pro Sale. View Details »

Mitigating DDOS Attacks with Terraform

Andy Gale
November 09, 2016

Mitigating DDOS Attacks with Terraform

A lightning talk about avoiding DDOS attacks with Terraform.

Andy Gale

November 09, 2016
Tweet

More Decks by Andy Gale

Other Decks in Technology

Transcript

  1. Mitigating DDOS Attacks with Terraform Andy Gale

  2. Andy Gale Managing Director Hello Future

  3. DDOS Attacks • DDOS - Distributed Denial Of Service attacks

    • DDOS attacks often target certain one or two few providers • If you host everything with one provider you can be stung if they are attacked
  4. Terraform • Keep your infrastructure as code • Set up

    your platform automatically with one command • Supports many of different services, called providers
  5. Terraform Archive Atlas AWS Bitbucket Chef CenturyLinkCloud CloudFlare CloudStack Cobbler

    Consul Datadog DigitalOcean DNSMadeEasy DNSimple Docker Dyn GitHub Fastly Google Cloud Grafana Heroku InfluxDB Librato Logentries Mailgun Microsoft Azure Microsoft Azure (Legacy ASM) MySQL OpenStack Packet PagerDuty PostgreSQL PowerDNS RabbitMQ Random Rundeck StatusCake SoftLayer Scaleway Template Terraform TLS Triton UltraDNS VMware vCloud Director VMware vSphere Providers
  6. Terraform • So we can see that we could set

    up our platform on multiple infrastructures with Terraform • Have them running on the time or spin them up on demand when a DDOS strikes • Of course budgetary constraints may have apply!
  7. Terraform • Simple, easy win - DNS • Have them

    running on the time or spin them up on demand when a DDOS strikes • Of course budgetary constraints may have apply! • But recent DDOS on Dyn DNS broke many sites
  8. Terraform resource "aws_route53_zone" "hellofuture" { name = "hellofutu.re" } resource

    "aws_route53_record" "www" { zone_id = "${aws_route53_zone.hellofuture.zone_id}" name = "www.hellofutu.re" type = "A" ttl = "300" records = ["212.45.31.81"] } AWS
  9. Terraform resource "dnsimple_record" "foobar" { domain = "hellofutu.re" name =

    "www.hellofutu.re" value = "212.45.31.81" type = "A" ttl = 300 } DNSimpe
  10. Terraform resource "dyn_record" "foobar" { zone = "${var.dyn_zone}" name =

    "${var.www_record}" value = "${var.www_a}" type = "A" ttl = 300 } DYN
  11. Terraform variable "domain" { default = "hellofutu.re" } variable "www_name"

    { default = "www.hellofutu.re" } variable "www_a" { default = "212.45.31.81" } Variables
  12. Terraform • Define multiple DNS servers for your domains •

    Keep them somewhere else (shortish TTL on the NS records) and if there is a DDOS attack just move them elsewhere.