3 ways to tell whether you have suffered a DDoS attack, so you can prepare DDoS protection in advance

In today's globalized society, DDoS protection has become very important. While information and communication technologies such as cloud computing, 5G, and AI have brought convenience to everyone, they have also given rise to many gray-market industries that deliberately abuse network bandwidth and disrupt normal operations. Among them, the DDoS attack, the dark killer of the network security industry, can be said to be the trickiest and most hopeless attack method in network operation and maintenance.
So how do we tell, in day-to-day operation, whether our server has suffered a DDoS traffic attack or a resource exhaustion attack? Here are several symptoms to look for:
1. Access to the website or server suddenly becomes very slow or fails entirely, and the server shows a large number of waiting "TCP semi-connection" (half-open connection) states;
2. The network is full of useless data packets;
3. Test with the Ping command. If Ping times out or shows serious packet loss (when it is normally fine), and network faults have been ruled out, the server has most likely suffered a traffic attack. If you also find that the servers connected to the same switch as your host cannot be accessed, you can basically conclude that it has suffered a traffic attack.
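The first symptom can be checked by counting half-open connections per local port. The following is an added example, not part of the original article: it parses the Linux /proc/net/tcp layout, and the sample data, the threshold of 5 and the function names are assumptions made for illustration.

```python
import socket
import struct

SYN_RECV = "03"   # /proc/net/tcp state code for a half-open (SYN received) connection
THRESHOLD = 5     # assumed alert level for this sample; tune to your normal baseline

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0A00000A:0016 0A64A8C0:D2F0 01 00000000:00000000 02:000A0000 00000000     0        0 1002
   2: 0A00000A:0050 016433C6:C001 03 00000000:00000000 01:00000064 00000000     0        0 0
   3: 0A00000A:0050 026433C6:C002 03 00000000:00000000 01:00000064 00000000     0        0 0
   4: 0A00000A:0050 036433C6:C003 03 00000000:00000000 01:00000064 00000000     0        0 0
   5: 0A00000A:0050 046433C6:C004 03 00000000:00000000 01:00000064 00000000     0        0 0
   6: 0A00000A:0050 056433C6:C005 03 00000000:00000000 01:00000064 00000000     0        0 0
   7: 0A00000A:0050 066433C6:C006 03 00000000:00000000 01:00000064 00000000     0        0 0
   8: 0A00000A:0050 0A64A8C0:D2F4 01 00000000:00000000 00:00000000 00000000     0        0 1003
"""

def decode_ipv4(hex_addr):
    """Decode the little-endian hex IPv4 address printed on x86/ARM Linux hosts."""
    return socket.inet_ntoa(struct.pack("<I", int(hex_addr, 16)))

def half_open_by_port(text):
    """Return {local_port: (half_open_count, distinct_remote_ips)}."""
    seen = {}
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != SYN_RECV:
            continue                            # ignore LISTEN, ESTABLISHED, etc.
        port = int(fields[1].rsplit(":", 1)[1], 16)
        remote = decode_ipv4(fields[2].split(":")[0])
        seen.setdefault(port, []).append(remote)
    return {p: (len(ips), len(set(ips))) for p, ips in seen.items()}

def flagged_ports(summary, threshold=THRESHOLD):
    """Ports whose half-open count reaches the threshold."""
    return sorted(p for p, (count, _) in summary.items() if count >= threshold)

if __name__ == "__main__":
    summary = half_open_by_port(SAMPLE)   # on a live host: open("/proc/net/tcp").read()
    for port in flagged_ports(summary):
        count, sources = summary[port]
        print(f"port {port}: {count} half-open connections from {sources} addresses")
```

Compare the counts against what the server shows during normal traffic; a count far above that baseline on a service port matches the first symptom in the list.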
At present, the effective methods of DDoS protection mainly include the following:
1. Choose a DDoS-protected server from your server provider and use the data center's hardware firewall to filter, clean and divert malicious traffic.
2. Purchase a "CDN (Content Delivery Network)" from a cloud service provider or CDN service provider to speed up network services and hide the IP address of the website's origin server.
3. Network bandwidth directly determines the ability to resist and withstand DDoS attacks. If bandwidth capacity is insufficient, a DDoS traffic attack easily saturates and blocks the link, so the server cannot respond to requests from normal users. Make sure the server has enough network bandwidth to cope with attacks of a certain scale and traffic volume.
4. Once sufficient network bandwidth is ensured, upgrade and strengthen the server's hardware configuration as far as possible. For resisting DDoS attacks and improving DDoS protection capability, the key hardware is mainly CPU and memory.
5. Turn off unnecessary services and ports on the server. This is also the most common practice among server operation and maintenance personnel. In the server firewall, open only the ports in use, such as port 80 for the website's web service, port 3306 for the database, and port 22 for the SSH service. Turning off and blocking unnecessary services and ports on the server, and filtering fake IP addresses on the router, can also defend against DDoS attacks effectively to a certain extent.
6. Use "load balancing" technology to distribute access requests evenly across multiple servers, so that the servers jointly provide the external service and the website can handle a large number of concurrent accesses.
With DDoS protection measures prepared, we should not panic when we encounter a DDoS attack. We should calmly analyze the attack we are facing and choose appropriate protective measures to minimize its destructive power.
This article is reproduced from: http://www.heikesz.com/ddos1/2332.html

Origin blog.csdn.net/weixin_51110871/article/details/111992541