DDoS attacks are now widespread, using the following methods servers can withstand a certain limit of DDoS.
1. Modify the registry. By modifying the registry, the system can withstand a certain amount of DDoS attacks. Modify the following values under [Hklm\system\currentcontrolset\service\tcpip\parameters]: SynAttackProtect REG_DWORD 2; EnablePMTUDiscovery REG_DWORD 0; NoNameReleaseOnDemand REG_DWORD 1; EnableDeadGWDetect REG_DWORD 0; KeepAliveTime REG_DWORD 300,000; PerformRouterDiscovery REG_DWORD 0; Enbleicmpredirects REG_DWORD 0.
2. Prohibit the use of network access programs such as FTP,TELNET,RSH,RLOGIN,RCP. Set according to the needs of the server.
3. Detect vulnerabilities in a timely manner to protect, such as patching. DDoS is mainly through vulnerabilities to achieve attacks. Some personal servers will be installed on the Forum program, the other side can use their script vulnerabilities to attack the system.
4. Do the firewall configuration. Run the port mapper or scanner on the fire wall to detect privileged and unprivileged ports.
5 Choose a good firewall. The hardware firewall price is more expensive, the general personal server can not afford, but the software firewall is also not much. Now abroad also has a lot of professional defense against DDoS firewall.
Dos,ddos,drdos now has no effective defense methods, but the general personal server to do above 5 o'clock can play a certain defensive role.