How does cc attack websites and games targeted prevention?

1:CC Attack principle
CC = Challenge Collapsar, formerly known as the Fatboy Attack, is the use of constantly sending connection requests to the site
For the purpose of forming a denial of service,
A CC attack is a DDoS (distributed denial of service), which seems to be more technical than the other DDoS attack CC. This
Type of attack you do not see the real source IP, see the unusually large abnormal traffic, but the server can not be properly connected. Most let stand
The long worry is that this attack technology is low, the use of tools and some IP agents an initial, intermediate level of computer users can
Enough to implement the attack. Therefore, it is necessary to understand the principle of CC attack and if you find a CC attack and its preventive measures.
The principle of CC attack is that the attacker controls some hosts to send a large number of packets to the other server causing the server resource consumption.
Until the downtime crashes. CC is mainly used to attack the page, everyone has this experience: when a Web page to access the People
In a very high number of times, open the Web page is slow, CC is to simulate multiple users (how many threads is how many users) constantly visit
Ask for pages that require a lot of data operations (that is, a lot of CPU time), resulting in wasted server resources, long CPU time
At 100%, there is always an endless connection until the network is congested and normal access is aborted.

2:CC Protection Strategy
A CC attack can be categorized as a DDoS attack. They all have the same principle, that is, sending a large amount of request data to cause
Server denial of service, is a connection attack. CC attacks can be divided into proxy cc attacks, and broiler cc attacks. Proxy cc attacks are
The hacker uses proxy server to generate legitimate webpage request to the victim host, implements DOS, and pretends to be called: CC (Challenge
Collapsar). and the Broiler cc attack is a hacker using CC attack software, control a large number of broilers, launch attacks, compared to the latter than the former
More difficult to defend. Because broilers can simulate a normal user's request to visit a website. Forged into legitimate packets.

The CC attacks are primarily used to attack websites. It must have been the case that when you visit a website,
A large site, more people to visit, open the page will be slower, right?! In general, the more people you visit
, the more pages of the forum, the larger the database, the higher the frequency of access, the use of system resources is considerable, and now
Know why a lot of space service providers say you do not upload forums, chat rooms and other things.

A static page does not need the server how much resources, even can say directly from memory to read out to you, but
is the forum and other dynamic site is not the same, I read a post, the system needs to go to the database to determine whether I have read the post
permissions, if any, read out the contents of the post, showing it-at least 2 times the database is accessed, if the database
Volume is 200MB in size, the system is likely to be in this 200MB size of the data space to search again, which requires how much CPU resources and
Time? If I was looking for a keyword, then the time was even more impressive, because the previous search could be limited to a very small fan
Inside, such as user rights only check the user table, post content only check the post table, and find out can immediately stop the query, and search
It is certain that all the data will be judged once and the time spent is quite large.

The CC attack is to take advantage of this feature to simulate multiple users (how many threads are the number of users) without constant access
(Access to pages that require a lot of data, that is, a lot of CPU time, such as asp/php/jsp/cgi). Many friends
Friends asked, why use the agent? Because agents can effectively hide their identities, they can also bypass all firewalls
, because basically all firewalls will detect the number of concurrent TCP/IP connections, and a certain number of frequencies will be considered
It's connection-flood. Of course, you can also use broiler to launch CC attacks. The CC attack effect of broiler is more significant. Causes the server
CPU0, even the freezing phenomenon.

The use of proxy attacks can also be very good to maintain the connection, we send the data here, the agent to help us forward to the other side of the server,
We can disconnect immediately, and the agent will continue to connect with each other (I know the record is someone using 2000 agents to produce
350,000 concurrent connections).

Of course, CC can also use this method to FTP, game port, chat room, etc. to attack, also can achieve tcp-
FLOOD, these are tested and effective.

Protection against CC attacks can be a variety of methods to prohibit site proxy access, as far as possible to make the site static pages, limit the number of connections
, Access frequency control, source restrictions, client IE authentication and a series of policy rules and combination policy interception. Secure Pass Ownership
Multi-year CC protection interception experience to protect your site from all known cc attacks, as well as a variety of customization for customer usage
Blocking rules to protect your site from CC, by filtering out various variants of CC.

How does cc attack websites and games targeted prevention?