Mitigating denial of service attacks with load balancing

Denial of service (DOS) attacks pose a tremendous risk to organizations. The attacks have shifted from attacks at the layer 3 and layer 4 (network level) to layer 7 attacks, which are not quickly detectable by firewalls and utmost Intrusion Detection systems. An accelerating number of those attacks against the infrastructures of web servers of numerous organizations has been reported. The research aims to investigate some layer 7 application DOS attack tools and test open-source tools that offer some defense against these attacks. The research used open-source load balancing software, namely HAProxy as the front line of defense against DOS attacks to assess the effectiveness in detecting and preventing layer 7 DoS attacks. We demonstrate how a properly configured HAProxy can handle a variety of DOS attacks in a much more efficient manner.