Today a process to ask CEOs learning, holds many lessons to talk about the problem of DDOS ***. *** The manager said looking than looking defense. why? Because we all know that defense costs are higher, *** small cost, but some of the people around him made me a hard time, I'm going to make him even more uncomfortable heart, so we do not take into account how the defense. When the retribution of it? If we are a high number of high-volume business sector, the business is often affected *** is a big loss, so the most fundamental solution is to do network security measures.
Before a friend said to me: DDoS *** only be regarded as entry-level, there is no technical content. Ink security think it is because it is an entry-level, we often easy to ignore its existence, and forget the horror of it, *** *** the use of low cost and a large botnet resources frequently caused damage to the enterprise. Mainly in sending a large number of malicious access requests, taking up server resources, consumes bandwidth and CPU memory, the site is down, open, business suspended. But also to corporate reputation, property caused huge losses. And some will use DDoS *** *** Advanced carry hidden viruses and ransomware, so that their core data and other information leakage. Therefore, the threat of DDOS serious impact on the development of enterprise information security. And not just business, various parts of the world, are played out every day to launch the network *** ***, DDOS *** etc., seriously affected the development of Internet information security.
How do DDoS defense do?
1. First make sure the server is using the latest systems, install and regularly update patches, bug fixes, delete unused ports closed, a reasonable set of routers and firewalls, to do with rights management;
2. Do not just download the application unsolicited, not free to link unknown point in being open to receive mail, as well as sending e-mail server is not used, to avoid misuse causes the server to be carrying the virus, *** infections, making it the zombie chickens, but also avoid the disclosure of IP addresses;
3. use high anti CDN distributed storage, as well as load balancing and global networks to focus management technology, to provide users with efficient principle of proximity-type content distribution service. User to hide the source station IP, substitute cleaning, filtering malicious access, in order to avoid a direct hit on the source station *** IP.
4. Use high anti-IP to mitigate DDOS ***. IP is primarily high anti-alias hiding IP source station, malicious traffic *** filtered and washed, and then through the port forwarding protocol manner, the normal access request is forwarded to the IP source station. In order to ensure that the source IP station is not affected, and access can be normal and stable operation.