Server attacks include cc attacks, syn attacks, udp attacks, and tcp flood attacks. So what are the symptoms of the attack? How can we determine whether the server is under attack? What type of attack is it? Hua qingtaihe Technology Co., Ltd. will explain for you.
Type 1: CC attacks
A. The website prompts "service unavailable ".
B. High CPU usage
C. network connection status: netstat-na. If a large number of ESTABLISHED connections are observed, a single IP Address can contain up to dozens or even hundreds of connections.
D. The website cannot be opened externally. After soft restart, the website will return to normal in a short period of time and cannot be accessed in a few minutes.
Type 2: SYN Attacks
A. High CPU usage
B. network connection status: netstat-na. If a large number of SYN_RECEIVED connections are observed
Type 3: UDP attacks
A. Observe the NIC status and accept A large number of packets per second
B. Network Status: The netstat-na TCP information is normal.
Type 4: TCP flood attacks
A. High CPU usage
B. netstat-na: If you find that a large number of ESTABLISHED connections exist, up to dozens or even hundreds of IP addresses can be connected.
The judgment analysis mentioned above allows us to accurately determine what the problem is and how to solve the problem as soon as possible. So that we can better maintain our website security.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
