There is a virus in a machine in a LAN. If the virus is not eliminated and isolated in time, other machines will soon be infected with the virus. Once the virus is infected with the whole site machine, the network anti-virus will be disabled, and a large amount of manpower and material resources will be invested in repeated checks; otherwise, the system will be damaged, and Internet cafes will be forced to shut down. Internet cafe owners are talking about viruses. Those who have experience in managing Internet cafes or data centers must know that viruses on machines are a headache, in particular, Intranet server DDoS attacks and switch DDoS attacks directly affect the security of Internet cafes. This article describes how to solve this problem.
1. install filtering software on PC
Similar to ARP defense software, it monitors all packets in the NIC and compares them with the content set by the software. Limited by the processing capability of the software itself, this type of software generally only filters TCP protocol, but does not filter UDP, ICMP, ARP and other packets used by a large number of games and video applications in Internet cafes.
2. Add firewall before key devices
Add a firewall before a key device to filter out DDoS attacks initiated by an intranet PC to a key device. This method installs a hardware firewall in front of each core network device, such as a core switch, router, or server, the overall protection cost is too high, which makes the solution unable to fully protect key devices in Internet cafes. At present, the overall firewall passing capability and protection capability of about 2-3 RMB is about 60 MB.
3. filter all DDoS attacks on the network through the Security Switch
Through the built-in hardware DDoS defense module of the switch, each port filters the received DDoS attack packets based on hardware. At the same time, when the switch enables DDoS attack defense, it also enables its own protocol protection to ensure that its CPU is not affected by DDoS packets.