How does the high-defense server effectively defend against network attacks?

  A high-defense server is a server with its own dedicated defense capacity of more than 50G, able to provide network security protection for a single customer. Broadly speaking, it is one category of server. So how does a high-defense server effectively defend against network attacks? See below for details.

  The types of attacks that a high-defense server can defend against: attacks that send abnormal data packets, attacks on the mail system, botnet attacks, and DDoS attacks.

  How does the high-defense server effectively defend against network attacks?

  1. Periodic scanning

  Scan the existing main network nodes regularly, check them for possible security vulnerabilities, and clean up newly found vulnerabilities promptly.

  2. Configure the firewall on the backbone node of the high-defense server

  Installing a firewall can effectively resist DDoS and other attacks. When an attack is discovered, it can be redirected to some unimportant sacrificial hosts, which protects the real host from being attacked.

  3. Make full use of network equipment to protect network resources

  When a company uses load-balancing equipment such as routers and firewalls, it can protect the network effectively: if one router is attacked and crashes, the other takes over immediately, reducing the impact of DDoS attacks as far as possible.

  4. Filter unnecessary services and ports

  Filter out forged IP addresses on the router, open only the ports the service needs, and close all other ports or block them with a firewall policy.

  5. Limit SYN/ICMP traffic

  Users should configure a maximum SYN/ICMP flow on the router to limit the bandwidth that SYN/ICMP packets can occupy. When a large amount of SYN/ICMP traffic exceeds this limit, it is not normal network access but an attack.

  6. Filter all RFC1918 IP addresses

  RFC1918 IP addresses are the IP addresses of internal networks. They are not the fixed IP addresses of a particular network segment but address ranges reserved for local use within the Internet, and they should be filtered out. The purpose is not to filter access by internal employees but to filter the large number of fake internal IP addresses forged during an attack, which also helps mitigate DDoS attacks.
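
  Measures 4 to 6 above, modelled as an added example (not code from the original post): a small Python edge filter that drops RFC1918 sources and closed ports and limits SYN/ICMP with a token bucket. The open ports, the limit of 5 packets per second, the class and function names, and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter
from dataclasses import dataclass

# RFC 1918 ranges: an internet-side packet with such a source is forged (measure 6).
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass
class Packet:
    ts: float          # arrival time, seconds
    src: str
    proto: str         # "tcp", "udp" or "icmp"
    dport: int = 0
    syn: bool = False  # TCP connection-opening segment

class EdgeFilter:
    def __init__(self, open_ports, limit_pps):
        self.open_ports = set(open_ports)  # assumed service ports (measure 4)
        self.limit = float(limit_pps)      # assumed SYN/ICMP ceiling (measure 5)
        self.tokens, self.last = self.limit, 0.0

    def _rate_ok(self, ts):  # token bucket: refills at `limit` per second, holds 1 s worth
        self.tokens = min(self.limit, self.tokens + (ts - self.last) * self.limit)
        self.last = ts
        if self.tokens < 1:
            return False
        self.tokens -= 1
        return True

    def decide(self, p):
        if any(ipaddress.ip_address(p.src) in net for net in RFC1918):
            return "drop:rfc1918-source"
        if p.proto != "icmp" and p.dport not in self.open_ports:
            return "drop:closed-port"
        if (p.proto == "icmp" or p.syn) and not self._rate_ok(p.ts):
            return "drop:syn-icmp-over-limit"
        return "accept"

def summarize(packets, open_ports=(80, 443), limit_pps=5):
    f = EdgeFilter(open_ports, limit_pps)
    return dict(Counter(f.decide(p) for p in packets))

# Constructed sample traffic (private and documentation addresses only).
SAMPLE = [
    Packet(0.5, "10.1.2.3", "tcp", 443, True),
    Packet(0.6, "192.168.1.50", "icmp"),
    Packet(0.8, "203.0.113.5", "tcp", 23, True),
    Packet(0.9, "203.0.113.5", "tcp", 443),
] + [Packet(1.0, "198.51.100.7", "tcp", 443, True)] * 20 + [Packet(3.0, "203.0.113.9", "icmp")]
```

  Calling `summarize(SAMPLE)` returns the count of each verdict; the burst of 20 simultaneous SYNs is cut to the configured ceiling, while established traffic on the open port is not rate limited.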

Origin blog.csdn.net/oldboyedu1/article/details/131455136