Do you have a clear understanding of these DDoS protection misconceptions?

Most people hold some misconceptions about DDoS attacks, and these lead to problems in DDoS protection. News reports about network security on the Internet are where most people get their information, but the quality of that information varies. This article analyzes several points that enterprises should pay attention to when doing network security protection.
1. Whether a website suffers a DDoS attack is not necessarily related to its scale or to how well known the company is.
Current DDoS attacks are launched against many different types of enterprises and websites. DDoS attacks may also be launched strategically by your competitors. For example, when your website runs a promotion, the risk and potential harm of a DDoS attack are more prominent.
What is worrying is that the latest research on DDoS attacks shows a growing trend of attacks launched completely indiscriminately and for no reason. Many companies think that, because they are not well known, they will not be targeted by attackers as long as they do not cause trouble. In fact, small websites have weak protection capabilities, so attacks against them succeed more easily. Therefore, as long as your website is attackable, it is very likely to encounter DDoS attacks.
2. DDoS attacks do not all come from botnets composed of PCs (personal computers).
Many people think that DDoS attacks are all launched by attackers controlling compromised PCs ("zombies"). This was true in the past, but now the attention of hackers has long shifted from PCs to "high-performance servers" and a large number and variety of"



"DDoS attack" is a collective term for multiple types of attacks, and different types call for different countermeasures. Generally speaking, cloud scrubbing services are good at handling traffic-based DDoS attacks, while local mitigation equipment is suited to DDoS attacks that consume system resources or application resources. Users should choose appropriate DDoS protection measures based on their business characteristics and major threats.
5. System optimization and increased bandwidth cannot effectively alleviate DDoS attacks.
System optimization mainly means adjusting the core parameters of the attacked system, such as increasing the size of the TCP connection table or adjusting the connection-establishment timeout. Against small-scale attacks this can play a certain role in DDoS protection, but against a large-traffic DDoS attack it has no effect at all. Increasing bandwidth is the same: it only mitigates small-scale DDoS attacks and ultimately cannot solve the fundamental problem. When the attacker doubles the scale of the attack and the attack traffic, its effect is minimal. In addition, adding bandwidth to absorb a large-traffic DDoS attack head-on is not advisable, because it burns too much money; ordinary small and medium-sized enterprises cannot afford such high costs.
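The following model is an added example, not part of the original article. It simulates a half-open TCP connection table to show why a larger table and a shorter timeout help against a small flood but not a large one. The table sizes, timeouts and rates are constructed values, and the one-second model is a simplifying assumption.

```python
from collections import deque

def legit_success_ratio(table_size, syn_timeout_s, attack_syn_per_s,
                        legit_syn_per_s=100, duration_s=120):
    """Fraction of legitimate handshakes that find a free half-open slot.

    Coarse 1-second model (assumption): spoofed SYNs never complete and hold
    a slot until the timeout; legitimate handshakes complete at once.
    """
    held = deque()                 # (expiry_second, slots) of pending spoofed SYNs
    occupied = 0
    served = offered = 0.0
    for now in range(duration_s):
        while held and held[0][0] <= now:      # timed-out entries free their slots
            occupied -= held.popleft()[1]
        free = table_size - occupied
        arriving = attack_syn_per_s + legit_syn_per_s
        admit = min(1.0, free / arriving)      # share of this second's SYNs that fit
        served += legit_syn_per_s * admit
        offered += legit_syn_per_s
        taken = int(attack_syn_per_s * admit)
        if taken:
            held.append((now + syn_timeout_s, taken))
            occupied += taken
    return served / offered

def scenarios():
    """Constructed parameter sets; none are measurements from a real system."""
    return {
        "default table, small flood": legit_success_ratio(1024, 60, 50),
        "tuned table, small flood": legit_success_ratio(8192, 20, 50),
        "tuned table, large flood": legit_success_ratio(8192, 20, 100_000),
        "table doubled, flood doubled": legit_success_ratio(16384, 20, 200_000),
    }

if __name__ == "__main__":
    for name, ratio in scenarios().items():
        print(f"{name:30s} legitimate success = {ratio:6.1%}")
```

In this model the tuned table serves every legitimate handshake during the small flood, while against the large flood almost none get a slot, and doubling the table again only keeps pace with an attacker who doubles the rate.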
6. Firewalls and IDS (Intrusion Detection System)/IPS (Intrusion Prevention System) cannot mitigate DDoS attacks.
The firewall is the most commonly used security product, but a traditional firewall protects through high-intensity inspection and is mainly deployed at the entrance of the network. Although it can protect all resources inside the network, it has also become a target of DDoS attacks itself.
IDS/IPS are the most widely used attack detection and protection tools, but in the face of DDoS attacks they usually cannot fully meet the requirements. IDS/IPS generally detect application-layer attacks based on signature rules. However, most current DDoS attacks simulate normal user access requests. Therefore, when it comes to whether firewalls and IDS/IPS can effectively carry out DDoS protection, there is a performance problem.
It can be said that the firewall is only part of the defense strategy, not a complete solution. If you want a more comprehensive and effective defense against DDoS attacks, you cannot rely on firewalls alone; you also need to combine other technologies and equipment.
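The point about signature rules can be seen on a small access log. This is an added example, not part of the original article: the log, the three signatures and the volume check are all constructed for illustration, and the volume check stands in for the "other technologies" only as an assumption.

```python
import re
from collections import Counter

# Constructed signature rules in the style of an application-layer IDS/IPS ruleset.
SIGNATURES = [re.compile(p, re.I) for p in (r"union\s+select", r"\.\./", r"<script")]

def make_log():
    """Constructed access log of (second, client_ip, request_line) tuples."""
    # Baseline: one ordinary request per second for a minute.
    log = [(s, f"198.51.100.{s % 5 + 1}", "GET /index.html") for s in range(60)]
    # One malformed request of the kind signature rules are written for.
    log.append((12, "198.51.100.9", "GET /item?id=1 UNION SELECT password"))
    # Flood in seconds 30-39: 200 sources per second, each request looks normal
    # and each source sends no faster than a baseline client.
    for s in range(30, 40):
        log += [(s, f"203.0.113.{i + 1}", "GET /index.html") for i in range(200)]
    return log

def signature_hits(log):
    """Entries whose request line matches any signature."""
    return [e for e in log if any(sig.search(e[2]) for sig in SIGNATURES)]

def volume_anomalies(log, factor=10):
    """Seconds whose request count exceeds `factor` times the median second."""
    per_second = Counter(s for s, _, _ in log)
    counts = sorted(per_second.values())
    median = counts[len(counts) // 2]
    return sorted(s for s, n in per_second.items() if n > factor * median)

if __name__ == "__main__":
    log = make_log()
    print("signature hits:", signature_hits(log))
    print("anomalous seconds:", volume_anomalies(log))
```

The signatures flag only the single malformed request and none of the 2,000 flood requests; the flood becomes visible only when total request volume is compared with the baseline.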
In the online world, the threat of DDoS attacks is everywhere, and enterprises should pay more attention to DDoS protection and network security. The cost of launching a DDoS attack is actually very low, and the technical difficulty is not high. If security protection is not done well, an attack is very likely. DDoS attacks are the general term for the most common and stubborn network attack methods, which are characterized by "great destructiveness, strong lethality, high difficulty of prevention, and being impossible to eradicate completely". So far there have been countless malicious DDoS attacks worldwide, and the companies, individuals, government departments and organizations that have suffered losses are countless!
This article comes from: http://www.heikesz.com/ ddos1/10810.html

Origin blog.csdn.net/weixin_51110871/article/details/112576678