Principle analysis and defense method of QQ message bomb

What is the QQ message "bomb"?

It refers to the attackers in an instant to the victim's QQ to send a large number of garbage information, open countless message windows, so that QQ overwhelmed, and thus can not be used normally. As a result of this "bomb" a large number of limited network bandwidth, blocking the network, so users will be slow to surf the internet, when a large number of system resources are occupied, but also may cause computer crashes. This message "bomb" sent by the QQ message in fact, and we normally chat the same message, but its content is meaningless, send a very short speed, such as floods can not resist.

QQ message "Bomb" class of attack software is very many, the representative has "durian", qqsend and early qqjoke, such as the use of these attack software is relatively simple, after the operation of the first fill in the victim's computer IP address and port number, and then fill in the message to send and send the number of times, You can send spam messages to each other's QQ, below we take the classic "floating leaves thousand fingers" as an example to introduce.

There are 10 messages to send from the "fluttering fingers". Attackers can also click the "Edit" button to add their own content to send, when in the software input the IP address and port number of the attacked computer, click the "Send" button to start "bombing", if the check software "automatic cyclic transformation statement" item, Messages from different content in the message store will be circulated to the victim, press the "Do not kill the anger" button, the garbage sent to the victim will be uninterrupted, if not stop, I am afraid in the attack on the computer will never be able to login QQ! In addition, this attack software also supports the group function, can carry on the message "bomb" attack to entire chat group.

The message "Bomb" principle

QQ message "Bomb" is widespread, mainly because of QQ itself network protocol and software design there are loopholes, QQ mainly using UDP protocol for data transmission (a connectionless protocol), although its communication effect is better, but not as reliable as the TCP protocol, Applies only to a small amount of data transmitted at one time, or to an environment where data reliability requirements are not high. We chat with QQ, sent are point-to-point message packets, that is, chat messages are sent directly from their own here to QQ friends (only when friends are not in line, or the other side of the network is not available, chat messages are stored in the Tencent server). The unreliability of the UDP protocol makes it difficult to forge UDP packets, coupled with point-to-point transmission of the ordinary user's real IP address is very easy to expose in front of the attacker, so the message "bomb" can be forged through the message packet, easily targeted at IP address attack, bombing you did not discuss!

There is also a kind of QQ message "bomb" software, it is based on the QQ program itself to receive loopholes in the development of information, it does not need to know the victim's IP address, as long as you know its QQ number can be "indiscriminate bombardment", the most hateful is that most of the network firewall that these "bombs" is the normal QQ message, Do not block.

"Bomb removal" coup

Know the QQ message "bomb" the principle of attack, we can find ways to avoid its threat. For ordinary QQ users, the simplest way is to use proxy server to login QQ, in order to hide their own computer real IP address purposes. When our QQ is suffering from "bomb" attack, you can drag the attacker from QQ friends to the Blacklist, and the QQ set to "refuse to accept the message of strangers." In addition, remember to update the QQ version in time, because every new version of it will fix the previous version of the vulnerability, so that part of the attack software failure.