Mitigating DDOS Attacks with Terraform

Andy Gale
November 09, 2016

A lightning talk about avoiding DDOS attacks with Terraform.


Transcript

  1. DDOS Attacks
    • DDOS - Distributed Denial Of Service attacks
    • DDOS attacks often target one or two providers
    • If you host everything with one provider you can be stung if they are attacked
  2. Terraform
    • Keep your infrastructure as code
    • Set up your platform automatically with one command
    • Supports many different services, called providers
  3. Terraform: Providers
    Archive, Atlas, AWS, Bitbucket, Chef, CenturyLinkCloud, CloudFlare, CloudStack, Cobbler, Consul, Datadog, DigitalOcean, DNSMadeEasy, DNSimple, Docker, Dyn, GitHub, Fastly, Google Cloud, Grafana, Heroku, InfluxDB, Librato, Logentries, Mailgun, Microsoft Azure, Microsoft Azure (Legacy ASM), MySQL, OpenStack, Packet, PagerDuty, PostgreSQL, PowerDNS, RabbitMQ, Random, Rundeck, StatusCake, SoftLayer, Scaleway, Template, Terraform, TLS, Triton, UltraDNS, VMware vCloud Director, VMware vSphere
  4. Terraform
    • So we can see that we could set up our platform on multiple infrastructures with Terraform
    • Have them running all the time or spin them up on demand when a DDOS strikes
    • Of course budgetary constraints may apply!
  5. Terraform
    • Simple, easy win - DNS
    • Have them running all the time or spin them up on demand when a DDOS strikes
    • Of course budgetary constraints may apply!
    • But the recent DDOS on Dyn DNS broke many sites
  6. Terraform: AWS

        # Hosted zone and www A record in Route 53
        resource "aws_route53_zone" "hellofuture" {
          name = "hellofutu.re"
        }

        resource "aws_route53_record" "www" {
          zone_id = "${aws_route53_zone.hellofuture.zone_id}"
          name    = "www.hellofutu.re"
          type    = "A"
          ttl     = "300"
          records = ["212.45.31.81"]
        }
  7. Terraform: DNSimple

        # The same www A record, managed at DNSimple
        resource "dnsimple_record" "foobar" {
          domain = "hellofutu.re"
          name   = "www.hellofutu.re"
          value  = "212.45.31.81"
          type   = "A"
          ttl    = 300
        }
  8. Terraform: DYN

        # The same www A record at Dyn, with its values taken from variables
        resource "dyn_record" "foobar" {
          zone  = "${var.dyn_zone}"
          name  = "${var.www_record}"
          value = "${var.www_a}"
          type  = "A"
          ttl   = 300
        }
  9. Terraform: Variables

        # Shared values, defined once and referenced as ${var.<name>}
        variable "domain" {
          default = "hellofutu.re"
        }

        variable "www_name" {
          default = "www.hellofutu.re"
        }

        variable "www_a" {
          default = "212.45.31.81"
        }
  10. Terraform
    • Define multiple DNS servers for your domains
    • Keep them somewhere else (shortish TTL on the NS records) and if there is a DDOS attack just move them elsewhere.
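
Added example (not from the talk): a Python check for the point on slide 10, that a domain's nameservers should span more than one DNS provider and carry a short NS TTL. The sample dig output is constructed, the 3600-second TTL threshold is an assumption, and grouping nameservers by their last two labels is a heuristic.

```python
import re
from collections import defaultdict

# Constructed sample input in `dig +noall +answer NS <zone>` format.
# Nameserver hostnames and TTLs are made up for illustration.
SINGLE_PROVIDER = """\
hellofutu.re.  172800  IN  NS  ns-101.awsdns-12.com.
hellofutu.re.  172800  IN  NS  ns-602.awsdns-11.net.
hellofutu.re.  172800  IN  NS  ns-1103.awsdns-09.org.
hellofutu.re.  172800  IN  NS  ns-1604.awsdns-15.co.uk.
"""
TWO_PROVIDERS = """\
hellofutu.re.  3600  IN  NS  ns-101.awsdns-12.com.
hellofutu.re.  3600  IN  NS  ns-602.awsdns-11.net.
hellofutu.re.  3600  IN  NS  ns1.dnsimple.com.
hellofutu.re.  3600  IN  NS  ns2.dnsimple.com.
"""

# Route 53 spreads one delegation set over awsdns-NN.com/.net/.org/.co.uk,
# so grouping by parent domain alone would count it as four providers.
AWSDNS = re.compile(r"(^|\.)awsdns-\d+\.(com|net|org|co\.uk)$")


def provider_of(nameserver):
    host = nameserver.rstrip(".").lower()
    if AWSDNS.search(host):
        return "route53"
    # Heuristic (assumption): the last two labels identify the operator.
    return ".".join(host.split(".")[-2:])


def audit_ns(dig_answer, max_ttl=3600):
    """Return (providers, findings) for a block of NS answer lines."""
    providers = defaultdict(list)
    findings = []
    for line in dig_answer.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[3].upper() != "NS":
            continue  # skip blanks, comments and other record types
        ttl, target = int(fields[1]), fields[4]
        providers[provider_of(target)].append(target)
        if ttl > max_ttl:
            findings.append(f"{target}: NS TTL {ttl}s exceeds {max_ttl}s")
    if not providers:
        findings.append("no NS records found")
    elif len(providers) < 2:
        findings.append("all nameservers belong to one provider: " + next(iter(providers)))
    return dict(providers), findings
```

Feed it the answer section for your own zone; an empty findings list means the delegation spans at least two providers and no NS TTL exceeds the threshold.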