What practice should incident responders avoid during the eradication of DoS/DDoS attacks?

During the eradication of DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks, it is critical to maintain effective measures to mitigate the assault and protect the integrity of the network. Configuring firewalls to allow both ingress and egress traffic across the perimeter can expose the network to vulnerabilities. This practice could inadvertently make the network more susceptible to further attacks or allow harmful traffic to flow freely in and out of the network.

Proper incident response for DoS/DDoS attacks typically involves isolating affected systems to prevent infection from spreading, deploying traffic filtering solutions to filter out malicious traffic, and continuously monitoring network traffic to detect unusual patterns that may indicate a persistent threat. These actions help ensure that the response aligns with best practices for maintaining network security and integrity while the attack is being managed.