Must-know DDoS defense basics for companies that depend on their networks

DDoS defense is no longer an unfamiliar topic for most people, but DDoS attacks themselves remain mysterious to many, and most people don't know how to protect against them. Let's start with a detailed look at what a DDoS attack actually is.

A distributed denial of service (DDoS) attack is one in which multiple attackers in different locations simultaneously attack one or several targets, or in which a single attacker controls multiple machines in different locations and uses them to attack the victim at the same time. Because a DDoS attack lets many computers attack at once, the target can no longer be used normally. Once such an attack occurs, it can leave many large websites inoperable.

A simple example helps here. Suppose a group of bullies wants to stop a rival shop (a website, server, or DNS service) from operating normally. What can they do? They can pretend to be ordinary customers and crowd into the shop, refusing to leave, so that real shoppers can't get in. They can keep chatting with the salespeople so that the staff can't serve real customers. They can also feed false information to the shop's operators, so that after everyone has been kept busy the shop finds it was all for nothing, loses its real big customers, and suffers heavy losses. One bully alone often can't pull this off, so many people have to be called in together. In the same way, when a website has no DDoS defenses, users cannot reach it while it is under DDoS attack, because the server is busy processing thousands of useless access requests.

Distributed denial of service attacks can be classified in different ways depending on the criterion used. When planning DDoS defenses, we can choose measures according to the type of attack. Generally speaking, these attacks are classified along roughly seven dimensions:

1. By degree of automation: manual, semi-automated, and automated DDoS attacks.
2. By the system or protocol weakness exploited: flood attacks, amplification attacks, attacks that exploit protocols, and malformed packet attacks.
3. By attack rate: continuous-rate and variable-rate attacks.
4. By impact: attacks that completely break down network services and attacks that degrade them.
5. By intrusion target: bandwidth attacks and connectivity attacks.
6. By attack route: direct attacks and repeated attacks.
7. By attack characteristics: attacks whose behavior characteristics can be extracted and attacks whose behavior characteristics cannot be extracted.

In addition, DDoS attacks show up in two main forms. The first is a traffic attack that targets network bandwidth: a large number of attack packets saturate the bandwidth so that legitimate packets cannot reach the host. The second is a resource exhaustion attack on the server host: a large number of attack packets exhaust the host's memory or keep the CPU occupied by the kernel and applications, so that the host can no longer provide network services.

If your network or server has no DDoS defenses, it will usually show the following symptoms when attacked. There are a large number of waiting TCP connections on the attacked host. The network is flooded with useless data packets whose source addresses are false. High volumes of useless traffic cause serious network congestion, and the host cannot communicate normally with the outside world. Specific service requests are issued repeatedly at high speed, and the victim host cannot process all normal requests in time. In severe cases, the system crashes.
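The first symptom above, a pile-up of waiting TCP connections, can be checked directly on a host. The following is an added example, not part of the original article: it assumes a Linux host and the IPv4 `/proc/net/tcp` table format, and the sample table, addresses and alert threshold are constructed for illustration.

```python
import socket
import struct
from collections import Counter, defaultdict

# TCP state codes as they appear in the "st" column of /proc/net/tcp
STATES = {"01": "ESTABLISHED", "03": "SYN_RECV", "06": "TIME_WAIT", "0A": "LISTEN"}

# Constructed sample, trimmed to the first four columns of /proc/net/tcp.
# On a real host, pass open("/proc/net/tcp").read() instead.
SAMPLE = """\
  sl  local_address rem_address   st
   0: 00000000:0050 00000000:0000 0A
   1: 0A0200C0:0050 076433C6:C350 01
   2: 0A0200C0:0050 017100CB:9C40 03
   3: 0A0200C0:0050 027100CB:9C41 03
   4: 0A0200C0:0050 037100CB:9C42 03
   5: 0A0200C0:0050 047100CB:9C43 03
   6: 0A0200C0:0016 076433C6:C351 03
"""

def parse_addr(field):
    """Decode 'HEXIP:HEXPORT' (IPv4 address in little-endian hex) to (ip, port)."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def summarize(table_text):
    """Count connections per (local port, state); collect peers stuck in SYN_RECV."""
    counts = Counter()
    peers = defaultdict(set)
    for line in table_text.strip().splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4:
            continue
        _, lport = parse_addr(cols[1])
        rip, _ = parse_addr(cols[2])
        state = STATES.get(cols[3], cols[3])
        counts[(lport, state)] += 1
        if state == "SYN_RECV":
            peers[lport].add(rip)
    return counts, peers

def half_open_alerts(table_text, threshold):
    """Return {port: (half_open_count, distinct_sources)} at or above threshold."""
    counts, peers = summarize(table_text)
    return {port: (n, len(peers[port]))
            for (port, state), n in counts.items()
            if state == "SYN_RECV" and n >= threshold}

if __name__ == "__main__":
    print(half_open_alerts(SAMPLE, threshold=3))
```

A realistic threshold depends on the service's normal load, so compare against a baseline taken during ordinary traffic rather than a fixed number.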

It has therefore become very important for today's Internet companies to put solid DDoS defenses in place for their networks and servers. With DDoS protection in place, a company can protect its own interests to the greatest extent.

This article is from: https://www.zhuanqq.com/News/Industry/328.html

Origin blog.csdn.net/blublu7080/article/details/112991444