What is CC ***? What is the difference and the DDOS ***?

CC *** stands Challenge Collapsar, Chinese meant a black hole is a challenge, because in the past against DDoS *** safety equipment called a black hole, the black hole that is the name suggests challenge to get this black hole *** No way, CC *** in principle access dynamic pages target site through a proxy server or a large number of broiler simulates multiple users, making a lot of back-end database query action, the target consumption of CPU resources, resulting in denial of service.
DDoS stands for: Distributed Denial of Service (DDoS: Distributed Denial of Service) . The three elements of information security - "Privacy", "integrity" and "availability", the denial of service ***, goals against is the "availability." *** The way to the target system using the network services functional defects or their direct consumption of system resources, so that the target system can not provide normal services, denial of service *** *** who, in fact, allow the server to achieve two effects: a is to force the server buffer is full, does not receive a new request; second is to use IP spoofing to force the server to legitimate users of the connection reset, affecting legitimate user's connection.
So how do we effectively secure against CC *** and DDOS *** it?
DDOS *** Defense:
1, filtering unnecessary server and port
can be used Inexpress, Express, Forwarding and other tools to filter unnecessary services and ports that fake IP filtering on the router.
2, abnormal flow cleaning filter
to filter cleaning abnormal traffic by DDoS hardware firewall, filtering through the rules of data packets, the data stream fingerprint detection and filtering, and packet content custom filtering and other top technology can accurately determine the foreign traffic is normal, further abnormal traffic ban filtration.
3, distributed collective defense
is the most effective way to network security defense industry of large-scale DDoS ***. *** As a receiving node can not provide the service, the system will automatically switch to another node according to the priority setting, and all the data packets *** who sends back point, so that the source *** become paralyzed, others from security point of view depth to affect the safety of the implementation of decisions.
4, high anti-DNS resolution only
intelligent DNS resolution system with the perfect combination DDoS defense system, providing a super detection against new security threats. As well as downtime detection, ready to be paralyzed server IP intelligence replaced the normal server IP, maintaining a service status never downtime for enterprise networks.
CC *** Defense:
1, modify the registry law
less contrast CC *** have some effect, but a lot of *** would be difficult defense, eventually leading to server crashes, network outages
2, domain spoofing analytical method
though protects against CC ***, but can not access normal traffic access, does not work properly, with you directly to the site shut down no difference, it is not desirable.
3, the use of fire please
domestic There are a variety of free firewall. But after the actual use and testing of a large number of really letting the CC *** really play a defensive role, few, many free defense program, or free firewall, there is a certain short period of time in dealing with some of the pranks *** role, but against those blackmail, ××× type is difficult to play what role.
DDoS *** CC *** and defense methods we mentioned earlier, has its own advantages and disadvantages, how truly and defense DDoS *** CC ***, which can be avoided, this method is called TTCDN diffuse cloud network.