Take a few minutes to learn about these very useful DDoS protection measures

DDoS is the attack method most commonly used by hackers, and DDoS protection exists mainly to ensure safety. So how can you take effective measures to deal with it? Some conventional methods are listed below.
(1) Check the source of the attack.
Generally, hackers launch attacks through multiple fake IP addresses. If the user can distinguish which IP addresses are real and which are fake, and then work out which network segment an IP comes from, the user can ask the network administrator to shut down those machines and so eliminate the attack at its source. If you find that these IP addresses come from outside rather than from the company's own range, you can temporarily filter them on the server or router.
(2) Configure the firewall on the backbone node.
The firewall itself can provide DDoS protection. When an attack is discovered, it can be directed to some sacrificial hosts, which protects the real hosts from the attack. Of course, these sacrificial hosts can be unimportant systems, or systems such as Linux and Unix that have few vulnerabilities and naturally good defenses against attacks.
(3) Filter unnecessary services and ports
Filter unnecessary services and ports, that is, filter fake IPs on the router... It is common practice for many servers to open only their service ports; for example, a WWW server opens only port 80 and closes all other ports, or enforces a blocking policy on the firewall.
(4) Filter all RFC1918 IP addresses.
RFC1918 IP addresses are the IP addresses of internal networks, such as 10.0.0.0, 192.168.0.0, and 172.16.0.0. They are not the fixed IP addresses of a network segment, but regional IP addresses reserved inside the Internet, and they should be filtered out. This method does not filter the access of internal personnel; it filters the large number of false internal IPs forged during an attack. This is its DDoS protection principle.
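The check described in measure (4), as an added example that is not part of the original article: a source address in an RFC 1918 block is dropped only when it arrives on the Internet-facing interface, so internal users are left alone. The interface names `wan0`/`lan0`, the record format and the sample records are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# The three RFC 1918 private blocks (10/8, 172.16/12, 192.168/16).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Assumption: "wan0" is the Internet-facing interface, "lan0" the internal one.
EXTERNAL_IFACES = {"wan0"}
# Constructed sample records: "<ingress interface> <source IP> <destination port>"
SAMPLE_LOG = """\
wan0 203.0.113.7 80
wan0 10.4.5.6 80
wan0 192.168.1.20 80
lan0 192.168.1.20 80
wan0 172.31.255.1 80
wan0 172.32.0.1 80
wan0 not-an-ip 80
"""

def rfc1918_block(addr):
    """Return the RFC 1918 network containing addr, or None if addr is outside them."""
    return next((net for net in RFC1918 if addr in net), None)

def ingress_filter(log_text):
    """Split records into (accepted, dropped) and count drops per private block."""
    accepted, dropped, per_block = [], [], Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue                      # not a record in the assumed format
        iface, src, _port = parts
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            dropped.append(line)          # unparseable source: fail closed
            per_block["malformed"] += 1
            continue
        block = rfc1918_block(addr) if iface in EXTERNAL_IFACES else None
        if block is not None:
            dropped.append(line)          # private source seen from outside: forged
            per_block[str(block)] += 1
        else:
            accepted.append(line)         # public source, or internal user on the LAN
    return accepted, dropped, per_block

if __name__ == "__main__":
    ok, bad, stats = ingress_filter(SAMPLE_LOG)
    print(f"accepted={len(ok)} dropped={len(bad)} by_block={dict(stats)}")
```

Note that 172.32.0.1 is accepted: the 172.16.0.0/12 block ends at 172.31.255.255, so matching on the whole "172." prefix would drop legitimate public sources.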
(5) Find out the path the attacker passes and stop the attack
If hackers launch attacks from certain ports, users can block intrusion through those ports. However, when the company's network has only one outlet, this method cannot work against an external DDoS attack. After all, once the exit port is closed, no computer can access the Internet.
(6) Make full use of network equipment to protect network resources.
The so-called network equipment refers to load balancing equipment such as routers and firewalls, which can effectively protect the network. When the network is attacked, the router goes down first while the other machines stay up. After a restart, the failed router returns to normal and starts quickly without any loss. If other servers go down, data will be lost, and restarting a server is a long process. In particular, when a company uses load balancing equipment and one router is attacked and crashes, the other takes over immediately, which minimizes the impact of DDoS attacks.
(7) Limit SYN/ICMP traffic.
Users should configure the maximum SYN/ICMP traffic on the router to limit the maximum bandwidth that SYN/ICMP packets can occupy, so that when a large amount of SYN/ICMP traffic exceeds the limit, it is recognized as hacking rather than normal network access. Early restriction of SYN/ICMP traffic is the best way to prevent DoS. Although this method is not effective as DDoS protection, it can still play a certain role. If a user is already under attack and only then looks for ways to deal with it, what can be done to resist the attack is very limited. Because nothing was prepared for a catastrophic attack with a large amount of traffic, the network is likely to be paralyzed before users can react. However, users can still seize the opportunity to find a silver lining.
These are the DDoS protection measures introduced in this article. If you follow these methods and ideas to defend against DDoS, the effect is still very significant, and the loss caused by an attack can be reduced to a minimum. Although DDoS attacks cannot be completely prevented, effective mitigation can be achieved.
This article is reproduced from: http://www.heikesz.com/ddos1/6729.html


Origin blog.csdn.net/weixin_51110871/article/details/112547313