DDoS Protection Encyclopedia: How to choose the most appropriate measure among the dazzling array of protection measures

To protect against DDoS attacks, many companies have launched high-defense DDoS servers and standalone DDoS protection products. What exactly are the DDoS attacks these products protect against? This article introduces DDoS attacks and the DDoS protection methods commonly used in the market.
DDoS stands for distributed denial of service; the name comes from the initials. Because DDoS traffic attacks are fierce and continuous, they are also called flood attacks in China. DDoS traffic attacks are currently the most common attack method on the Internet. The attacker uses distributed, seemingly reasonable service requests to exhaust the resources of the attacked server, so that the server cannot provide normal service. Put simply, the method increases the server's traffic until it is overloaded and crashes or is paralyzed. For example, during Double Eleven, a large number of users use Taobao; too many users make Taobao unable to run quickly and the page is paralyzed.
DDoS traffic attacks can be divided into two major levels, bandwidth consumption and resource consumption, ranging from occupying the network to occupying the target's hardware performance, with the ultimate goal of paralyzing the target server's network and crashing its system. Here are some of the more commonly used DDoS traffic attacks.
Ping of death: The ping of death (the Chinese name has several variant translations) is a DDoS traffic attack carried out over the TCP/IP protocol. It works by sending the server data packets whose fragment size exceeds the size specified by the TCP/IP protocol, so that the server system cannot process them normally and crashes. The maximum size of these data packets is 65,535 bytes.
CC attack: CC (Challenge Collapsar), meaning to challenge the black hole, uses a large number of "broilers" (free proxy servers) to send a large number of seemingly legitimate requests to the target server, repeatedly making requests that tie up the attacked server's resources so that they are continuously consumed. When the server's resources are exhausted, users can no longer access the server normally or get its response. During a CC attack, the stability of the server keeps deteriorating until the server is paralyzed.
UDP flood attack: UDP (User Datagram Protocol) is a connectionless protocol, and the attack relies on the handshake principle of the information exchange process. Data sent over UDP does not go through the three-way handshake verification, so a large number of data packets can be sent to the target system without normal handshake verification. This fills the bandwidth, prevents normal users from getting access, and causes the server to be paralyzed or crash.
At present, the DDoS protection methods commonly used in the market to deal with these attacks are as follows:
The common DDoS protection is to use multiple authentication, intrusion detection and traffic filtering to filter the bandwidth congested by the attack, so that normal traffic can reach the target server and the server keeps operating normally.
Traffic cleaning means that all traffic to the server passes through a high-defense DDoS traffic cleaning center. Using the various high-defense protection strategies, normal traffic and malicious traffic are distinguished, cleaned and filtered; malicious traffic is blocked outside the server while normal traffic can access it normally.
The firewall is the most common DDoS protection device. Its access rules can be flexibly defined and modified to allow or deny specific communication protocols, ports or IP addresses from reaching the server. If abnormal behaviour is found against the target IP, all communications from the source IP are blocked directly; even when more complex ports are attacked, the firewall can still protect effectively against DDoS.
Although DDoS protection technology has developed rapidly in recent years, it is undeniable that DDoS is still a very large network security threat. As technology develops, new types of DDoS traffic attacks remain active on the battlefield of network security, such as 0x-booter, which is considered a variant of Mirai. With the transformation of, and investment in, new Internet technologies and equipment, many hackers continue to update and improve DDoS traffic attacks. Therefore, on this battlefield of DDoS protection, the techniques of network security personnel still need to be constantly updated and reformed.
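The traffic filtering and firewall deny rules described above can be combined as a per-source request limit that blocks a source IP once it behaves abnormally, which is the pattern a CC attack produces. This is an added example, not code from the original article; the window, the limit, the class name and the traffic are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10   # assumed sliding-window length
MAX_REQUESTS = 20     # assumed per-source request limit inside one window


class SourceRateFilter:
    """Sliding-window request counter that blocks sources over the limit."""

    def __init__(self, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
        self.window = window
        self.limit = limit
        self.recent = defaultdict(deque)   # source IP -> recent timestamps
        self.blocked = set()               # acts as the firewall deny list

    def allow(self, ts: float, src: str) -> bool:
        if src in self.blocked:
            return False
        stamps = self.recent[src]
        while stamps and ts - stamps[0] >= self.window:
            stamps.popleft()               # forget requests outside the window
        stamps.append(ts)
        if len(stamps) > self.limit:
            self.blocked.add(src)          # abnormal source: deny from now on
            del self.recent[src]
            return False
        return True


def constructed_traffic():
    """Constructed sample: one ordinary client and one flooding source."""
    events = [(t * 2.0, "192.0.2.10") for t in range(30)]            # 1 req / 2 s
    events += [(20 + i * 0.1, "198.51.100.7") for i in range(200)]   # 10 req / s
    return sorted(events)


def run(events):
    """Replay events in time order; return (requests passed, blocked IPs)."""
    flt = SourceRateFilter()
    passed = sum(flt.allow(ts, src) for ts, src in events)
    return passed, flt.blocked


if __name__ == "__main__":
    passed, blocked = run(constructed_traffic())
    print(f"passed={passed} blocked={sorted(blocked)}")
```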
This article is reproduced from: http://www.heikesz.com/ddos1/1829.html

Origin blog.csdn.net/weixin_51110871/article/details/111686353