How to solve the problems of switch DDoS attacks and Intranet server DDoS attacks
Those who have experience in Internet cafes or data center management must know that computer viruses are a headache, especially intranet server DDoS attacks and switch DDoS attacks, which directly affect the security of Internet cafes, share the solution to this problem.
1. install filtering software on PC
Similar to ARP defense software, it monitors all packets in the NIC and compares them with the content set by the software. Limited by the processing capability of the software itself, this type of software generally only filters TCP protocol, but does not filter UDP, ICMP, ARP and other packets used by a large number of games and video applications in Internet cafes.
2. Add firewall before key devices
Add a firewall before a key device to filter out DDoS attacks initiated by an intranet PC to a key device. This method installs a hardware firewall in front of each core network device, such as a core switch, router, or server, the overall protection cost is too high, which makes the solution unable to fully protect key devices in Internet cafes. At present, the overall firewall passing capability and protection capability of about 2-3 RMB is about 60 MB.
3. filter all DDoS attacks on the network through the Security Switch
Through the built-in hardware DDoS defense module of the switch, each port filters the received DDoS attack packets based on hardware. At the same time, when the switch enables DDoS attack defense, it also enables its own protocol protection to ensure that its CPU is not affected by DDoS packets.
There is a virus in a machine in a LAN. If the virus is not eliminated and isolated in time, other machines will soon be infected with the virus. Once the virus is infected with the whole site machine, the network anti-virus will be disabled, and a large amount of manpower and material resources will be invested in repeated checks; otherwise, the system will be damaged, and Internet cafes will be forced to shut down.