On the night of August 25, the Hammer "Nut cell phone" launch conference was postponed, the PPT was full of mistakes, and the red-envelope grab malfunctioned. It is reported that the server for the Hammer official website was hit by a malicious DDoS attack with dozens of G of traffic, and that the on-site PPT was a rush job, written even as it was being used. A perfectly good launch conference was thrown into chaos by a DDoS attack.
A distributed denial-of-service (DDoS) attack is a common method of network attack. In simple terms, many DoS attack sources attack one server together, forming a DDoS attack that multiplies the power of a denial-of-service attack. Typically, an attacker uses a proxy program to install an attack program on each "broiler" (compromised host) on the network, and the agent launches the attack when it receives instructions.
DDoS attacks are very harmful and difficult to prevent. They can directly cause website downtime and server paralysis, leading to damaged authority, brand humiliation, property loss and other huge losses, and they seriously threaten the development of Internet information security in China.
As DDoS attacks spread rampantly across the Internet, preventing them becomes more difficult. Data show that in Q2 of this year DDoS attack activity set a new record, an increase of 132%. Among them, the peak traffic of the largest DDoS attack exceeded the 13-hour Gbps, more than the last. Attackers now even openly price their attacks: hitting a website with 1G of traffic for an hour costs just 50 dollars. With the cost of DDoS this low and no one exempt from attack, what measures should the vast number of website users take to defend effectively? Let me introduce the basic methods of defending against DDoS.
1. Ensure the security of the server system
The first step is to ensure that the server software has no vulnerabilities, so that an attacker cannot break in. Make sure the server is up to date with the latest system and security patches. Remove unused services on the server and close unused ports. For a website running on the server, make sure it has the latest patches and no security vulnerabilities.
2. Hide the true IP address of the server
Put a CDN relay in front of the server (free options include Baidu cloud acceleration, 360 site guards, accelerated music, security, etc.); if funds are abundant, you can buy a high-defense shield machine. Either way, the purpose is to hide the server's real IP. Domain name resolution should use the CDN's IP, and every resolved subdomain should use the CDN's IP address as well. In addition, other domain names deployed on the same server must not resolve to the real IP; all of them should resolve through the CDN.
In addition, prevent the server from revealing its IP address in the information it transmits. The most common case is mail: the server should not use its own send-mail function, because the message headers will leak the server's IP address. If you do need to send mail, send it through a third-party proxy, such as Sendcloud, so that the IP address displayed is the proxy's.
In short, as long as the server's true IP does not leak, defending against small DDoS attacks below 10G will not cost much money; a free CDN can cope with them. If the attack traffic exceeds 20G, a free CDN may not be able to withstand it, and you will need to buy a high-defense shield machine to cope, while the server's real IP still needs to stay hidden.
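The two leak paths described above (DNS records that bypass the CDN, and mail headers that carry the server's IP) can be audited with a short script. This is an added example, not code from the original article; the host names, IP addresses and CDN range are constructed placeholders from the RFC 5737 documentation ranges, and `dns_leaks` and `header_leaks` are hypothetical helper names.

```python
import ipaddress
import re
from email import message_from_string

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def dns_leaks(records, cdn_ranges):
    """Return hostnames whose A record is not inside any CDN range."""
    nets = [ipaddress.ip_network(r) for r in cdn_ranges]
    return sorted(host for host, ip in records.items()
                  if not any(ipaddress.ip_address(ip) in n for n in nets))

def header_leaks(raw_message, origin_ip):
    """Return the names of mail headers that expose the origin server's IP."""
    origin = ipaddress.ip_address(origin_ip)
    leaks = []
    for name, value in message_from_string(raw_message).items():
        for token in IPV4.findall(value):
            try:
                if ipaddress.ip_address(token) == origin:
                    leaks.append(name)
                    break
            except ValueError:  # looked like an IP but is not a valid one
                continue
    return leaks

# Constructed sample data (documentation addresses, not real hosts).
ORIGIN_IP = "203.0.113.10"
CDN_RANGES = ["198.51.100.0/24"]
RECORDS = {
    "example.com": "198.51.100.8",
    "www.example.com": "198.51.100.7",
    "mail.example.com": "203.0.113.10",  # subdomain still points at the origin
}
DIRECT_MAIL = (  # mail sent by the web server itself
    "Received: from web01.example.com (web01.example.com [203.0.113.10])\n"
    "\tby mx.recipient.example with ESMTP\n"
    "X-Originating-IP: [203.0.113.10]\n"
    "Subject: Password reset\n\nbody\n")
RELAYED_MAIL = (  # same mail sent through a third-party relay
    "Received: from relay.mailer.example (relay.mailer.example [192.0.2.25])\n"
    "\tby mx.recipient.example with ESMTP\n"
    "Subject: Password reset\n\nbody\n")

if __name__ == "__main__":
    print("DNS records bypassing the CDN:", dns_leaks(RECORDS, CDN_RANGES))
    print("Direct send leaks via:", header_leaks(DIRECT_MAIL, ORIGIN_IP))
    print("Relayed send leaks via:", header_leaks(RELAYED_MAIL, ORIGIN_IP))
```

In practice the `records` mapping would be filled from the zone's actual A records and `raw_message` from a test mail the site sends to a mailbox you control.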