As long as the use of appropriate, CC attacks can not only attack the site, it can also attack servers such as FTP. So the risk of CC attacks is very high. Below the depth of XP system download station small series through the Shield firewall to explain how to identify whether the CC attack.
(1) Open the KfW Enterprise Network Monitoring window and click Query view in the list of left views, as shown in the figure.
(2) A detailed list of all connections can be seen when an interface appears as shown in the illustration. When you click the source IP entry, a gray up or down arrow appears to show that the source IP is in order at this point, and you can easily see how many connections each IP and server establishes.
Because the CC attack, the hacker 舣 is to control hundreds or thousands of agents and frequent connection with a server, in order to achieve the purpose of depleting the eye service resources. So, when Cha see the Source IP column has more than the usual several times or even dozens of times times the connection information, and a single IP and server to establish a connection there are many times, it is a result of the CC attack.