How to determine whether traffic attacks have been detected

Q: My online check software warned me that I found a DDoS attack. What does this mean? The machine is a LAN. Is it related to this? How should I determine whether I have been attacked by traffic?

A: DDoS is short for Distributed Denial of Service, meaning "Distributed Denial of Service ". As you can understand, any behavior that causes legal users to be unable to access normal network services is a denial of service attack. That is to say, the purpose of a Denial-of-Service attack is to prevent legal users from accessing normal network resources and achieve the ulterior motives of attackers.

DDoS attack policies focus on sending a large number of seemingly legitimate network packets to the affected host through many "zombie hosts" (hosts that have been intruded or can be indirectly used by attackers, as a result, the network is blocked or the server resources are exhausted, resulting in a denial of service. Once a distributed denial-of-service attack is implemented, the attack network package will flood into the affected host, so as to drown out the network packages of legitimate users, as a result, legal users cannot access the network resources of the server.

It is very easy to determine whether the website has suffered a traffic attack. You can test it by using the Ping command. If Ping times out or packet loss is serious, the website may have suffered a traffic attack. If you find that the server connected to the same vswitch with your host cannot be accessed, you can be sure that the server is under a traffic attack.
 
 

 

Reprinted from: http://edu.chinaz.com