In a period of frequent cyber attacks, how can DDoS protection turn crisis into safety?

With the rapid development and in-depth application of the Internet, what is the current state of cyber attacks and of DDoS protection? In recent years, DDoS attacks have been in a period of high incidence, and global DDoS attacks have also shown an upward trend. At the same time, DDoS attacks bring very large economic losses to Internet-based business as a whole, and they are a headache for enterprises and institutions worldwide as well as for individual users.

What exactly is a DDoS attack?

Distributed Denial of Service, usually abbreviated as DDoS, is a type of network attack. Baidu Encyclopedia's definition of DDoS attacks is relatively abstract: a Distributed Denial of Service (DDoS) attack uses client/server technology to combine multiple computers into an attack platform and launch attacks against one or more targets, thereby exponentially increasing the power of the denial-of-service attack.

General Secretary Xi pointed out in the “First Meeting of the Central Leading Group for Cybersecurity and Informatization” in 2014: Without cybersecurity, there would be no national security. Faced with such a severe situation, is there really no better protection against DDoS attacks?

From a technical point of view, DDoS is not a single attack but a general term for a large class of attacks. There are dozens of types, and new attack methods are still being invented, such as SYN/TCP/UDP/ICMP floods and their variants Land/Teardrop/Smurf/Ping of Death. The most common is the CC attack.

The main difference between a DDoS attack and a CC attack: both attack methods are mainly divided into three types, namely direct attacks, proxy attacks, and botnet attacks. DDoS attacks mainly target IP addresses, while CC attacks mainly target web pages. Relatively speaking, the damage from a CC attack is not devastating, but it lasts for a long time. A DDoS attack is a traffic attack, and this kind of attack is more harmful: by sending a large number of data packets to the target server, it consumes the server's bandwidth. Sufficient bandwidth and hardware firewalls can defend against it.

To put it simply, a DDoS attack is a sledgehammer hitting you directly, and a CC attack is countless needles piercing you. Both attack methods ultimately result in server downtime and inaccessibility.

As mentioned above, the main characteristic of DDoS attacks is that they consume the target's hardware, network, and other resources, so that normal requests cannot reach the target server. Filtering out this abnormal traffic therefore becomes very important, but identifying, processing, and filtering out the attack traffic is impossible to do manually. It takes a lot of resources such as servers and network bandwidth. In other words, high cost is the biggest difficulty in protecting against DDoS attacks.

How to effectively resist DDoS attacks?

Simply put, the answer is to block malicious requests. Achieving "intercepting malicious requests" requires investing a lot of money in supporting software, hardware, and strategies, such as professional hardware firewalls, larger bandwidth capacity, more IP addresses, and more professional protection strategies. With this set of solutions, accurate identification and interception can be achieved.
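The identification step behind "intercepting malicious requests" can be illustrated for the CC (web page) case with a per-source sliding-window counter over web server access logs. This is an added example, not code from the original article; the log format (common log format), the window and limit values, the function names, and the sample log lines are all assumptions constructed for illustration, and the lines of each source are assumed to be in chronological order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Common log format: ip ident user [timestamp] "METHOD path proto" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ \S+[^"]*" \d{3}')

def parse_line(line):
    """Return (ip, unix_time) for a common-log-format line, or None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z").timestamp()
    return m.group(1), ts

def find_flood_sources(lines, window=10, limit=20):
    """Map each source IP that sent more than `limit` requests within any
    `window`-second span to the peak request count seen in such a span."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue              # skip malformed lines instead of crashing
        ip, ts = parsed
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] >= window:
            q.popleft()           # drop requests that fell out of the window
        if len(q) > limit:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks

def build_sample():
    """Constructed log: one client floods a page, another browses normally.
    Addresses come from the documentation ranges (RFC 5737)."""
    fmt = '{ip} - - [05/Jan/2021:10:00:{s:02d} +0000] "GET {p} HTTP/1.1" 200 512'
    lines = [fmt.format(ip="198.51.100.7", s=i // 10, p="/search?q=x")
             for i in range(60)]                    # 10 requests per second
    lines += [fmt.format(ip="203.0.113.5", s=i * 10, p="/index.html")
              for i in range(6)]                    # 1 request every 10 s
    lines.append("garbage line that does not parse")
    return lines

if __name__ == "__main__":
    for ip, peak in find_flood_sources(build_sample()).items():
        print(f"{ip}: peak of {peak} requests in 10 s, candidate for blocking")
```

A fixed per-source threshold like this only covers direct attacks from a small number of addresses; traffic spread across proxies or a botnet stays under the limit per source, which is one reason the article points to provider-level capacity and filtering.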

Because this approach requires a relatively large investment, it is difficult for ordinary service providers to support, so not all service providers have such capabilities. To protect against DDoS attacks more effectively and reduce users' defense costs, more service providers choose to give the entire data center such defense capabilities.

To sum up, the cyber security community still has no good once-and-for-all way to protect against DDoS, but it is not without solutions, which mainly rely on routine maintenance and scanning. At the same time, even with a solution in place, it is still necessary to pay more attention to network security and to carry out daily maintenance, monitoring, and emergency planning. The effect of software-only prevention is very limited. Among all the defense measures, hardware security facilities (hardware firewalls) are the most effective, but a hardware firewall does not mean that all attacks can be eliminated; it can only reduce the level of the attack. DDoS attacks can only be weakened, not completely eliminated.

This article is from: https://www.zhuanqq.com/News/Industry/305.html

Origin blog.csdn.net/blublu7080/article/details/112311566