How ticket-grabbing plug-ins work, explained in plain language: attack software or convenience assistant?
Reprinted from: http://www.kuqin.com/web/20130121/333959.html
[Reason for reprinting: it is easy to understand, but I think some illegal websites use ticket grabbing as a cover. If my personal account information were recorded, the risk would be too big.]
Author profile: senior product manager, formerly at Sina, now at Joseph network, working on the product "Enterprise Q & A", a Q&A community for entrepreneurs.
Apart from the Spring Festival Gala, the hottest topic recently is the ticket-grabbing plug-in, and many users have indeed bought tickets with it. But questions follow: is the ticket-grabbing plug-in malicious attack software? Does using it count as cutting in line? Let me briefly explain how the plug-in works; the answers to these questions then follow naturally.
In plain terms: the 12306 website is like an unscrupulous supermarket. The ticket-grabbing plug-in is neither a "cheat" in the game-bot sense nor malicious attack software. The fundamental fix for the ticket-grabbing plug-in is for 12306 to raise the technical level of its website.
First, set cheats, attacks and browsers aside for a moment. Here is a small example from daily life:
Suppose a supermarket is very popular but has only one cashier, and it has a rule: when you go to pay, if someone else is already at the cashier, you must put down your goods and leave the store at once (not a second's delay) to go for a stroll, and it does not matter how long you stay out. But when you come back, if someone is at the cashier again, you have to go out once more, and you keep doing this until the cashier happens to be free when you return.
As you can see, this rule is deadly. Very likely the cashier was free during the time I was out strolling, but by the time I came back someone else was there paying, so I have to go out again. An unlucky person who finds someone at the cashier every time he returns will go back and forth for a very long time before he manages to pay.
To work around this, you can shorten each stroll and check the cashier sooner, so that you do not miss the moment it is free. Obviously this is not only tiring but a waste of life.
At this point a clever person invented a robot. While you are out strolling, the robot checks every few seconds whether anyone is at the cashier; as soon as it finds nobody there, it calls you: "Quick, you can pay now!" In this way we can watch a movie, eat, or play games with peace of mind, and once the robot calls, we rush back.
The 12306 website is that unscrupulous supermarket. Once a user's submission fails, the user has to send a new ticket-purchase request; for the network, re-sending a request is the equivalent of "going out and coming back". The ticket-grabbing plug-in is the robot. While you are out strolling, it keeps sending ticket-purchase requests to 12306 on your behalf, by default (according to its instructions) one every six seconds, just as the robot keeps checking the cashier. As soon as the plug-in finds that nobody is at the cashier, it notifies you: "Yes, yes, come and buy!" With the plug-in on duty, you can refresh Weibo, watch a movie, or write your year-end summary.
So the ticket-grabbing plug-in is a very good product: it helps people get around 12306's technical defects and buy tickets faster and more easily. Using it is not cutting in line either: it does not move latecomers ahead of others; it only makes sure that people who are already at the front do not miss their turn.
But the ticket-grabbing plug-in has a bad side too. As you can imagine, 12306 is slow precisely because there are too many visitors and the server cannot withstand such heavy load. A plug-in submits a request to the server every six seconds, far above the access frequency of a natural person, which adds to the load on the server and creates a vicious circle: the site gets slower, more requests are sent, and it gets slower still.
In network security there is an attack method called a DDoS (distributed denial of service) attack. It is the most primitive, most brute-force and least technical method, but often the most effective. The principle is to control a large number of computers (usually tens of thousands to hundreds of thousands) and have them flood a website's server with requests (the load can reach millions to tens of millions of requests per second), so that the server responds slowly or goes down altogether.
If the plug-in's parameters are pushed to extremes, it produces the same effect as a DDoS attack. Suppose the polling interval is not 6 seconds but 0.1 seconds, that is, 10 requests per second per user, and suppose 1 million people across China run the plug-in at the same time. A quick multiplication shows that the plug-ins would put 12306's servers under a load of 10 million requests per second. For most servers, tens of millions of requests per second is terrifying.
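The frequency argument above (a fixed six-second timer, or ten requests a second in the extreme case) is also something the site operator can measure from its own access logs. The script below is an added example, not from the article or from 12306: it parses constructed log lines and, per client IP, computes the request rate and how regular the gaps between requests are. A plug-in on a timer shows up as a tight, evenly spaced stream; a person clicking shows up as slow and irregular. The log format, the `/ticket/query` path, the client IPs and the thresholds are all assumptions made for the example.

```python
"""Added example (not from the article): flag clients whose request timing
looks like a ticket-grabbing plug-in rather than a person.

Per client IP this measures (a) requests per minute and (b) the jitter of
the gaps between requests (standard deviation divided by the mean). A timer
produces a low-jitter stream; a person does not. Log format, path, IPs and
thresholds are assumptions made for this example.
"""
import re
import statistics
from collections import defaultdict
from datetime import datetime

# Assumed NCSA-style log line; the query path is a placeholder, not 12306's real one.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
QUERY_PATH = "/ticket/query"  # assumed endpoint name

MAX_HUMAN_RPM = 30.0     # requests per minute; above this is not a person clicking
POLL_GAP_SECONDS = 10.0  # gaps at or below this, if regular, look like a timer
MAX_TIMER_JITTER = 0.25  # stdev/mean of the gaps; a fixed timer is near 0

# Constructed sample log: 10.0.0.1 polls every 6 s (the plug-in default),
# 10.0.0.2 is a person browsing, 10.0.0.3 polls every 0.1 s (the extreme case;
# the log only has second resolution), 10.0.0.4 has too few requests to judge.
SAMPLE_LOG = """\
10.0.0.1 - - [20/Jan/2013:08:00:00 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.1 - - [20/Jan/2013:08:00:06 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.1 - - [20/Jan/2013:08:00:12 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.1 - - [20/Jan/2013:08:00:18 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.1 - - [20/Jan/2013:08:00:24 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.1 - - [20/Jan/2013:08:00:30 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.2 - - [20/Jan/2013:08:00:03 +0800] "GET /index.html HTTP/1.1" 200 2048
10.0.0.2 - - [20/Jan/2013:08:00:03 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.2 - - [20/Jan/2013:08:00:41 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.2 - - [20/Jan/2013:08:01:12 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.2 - - [20/Jan/2013:08:03:05 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.3 - - [20/Jan/2013:08:00:00 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.3 - - [20/Jan/2013:08:00:00 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.3 - - [20/Jan/2013:08:00:00 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.3 - - [20/Jan/2013:08:00:01 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.3 - - [20/Jan/2013:08:00:01 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.3 - - [20/Jan/2013:08:00:01 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.4 - - [20/Jan/2013:08:00:10 +0800] "GET /ticket/query HTTP/1.1" 200 512
10.0.0.4 - - [20/Jan/2013:08:00:50 +0800] "GET /ticket/query HTTP/1.1" 200 512
"""


def parse_log(text):
    """Return {ip: [timestamps]} for requests to the ticket-query path only."""
    hits = defaultdict(list)
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m or m.group("path") != QUERY_PATH:
            continue
        hits[m.group("ip")].append(datetime.strptime(m.group("ts"), TS_FMT))
    return hits


def profile(timestamps):
    """Rate and gap-regularity profile of one client (needs >= 2 timestamps)."""
    ts = sorted(timestamps)
    count = len(ts)
    span = (ts[-1] - ts[0]).total_seconds()
    rpm = count * 60 / span if span > 0 else float("inf")
    gaps = [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
    mean_gap = statistics.mean(gaps)
    jitter = statistics.pstdev(gaps) / mean_gap if mean_gap > 0 else float("inf")
    # Either signal is enough: too fast for a person, or slow-ish but timer-regular.
    flagged = rpm > MAX_HUMAN_RPM or (
        mean_gap <= POLL_GAP_SECONDS and jitter <= MAX_TIMER_JITTER
    )
    return {"count": count, "rpm": rpm, "mean_gap": mean_gap,
            "jitter": jitter, "flagged": flagged}


def find_pollers(text):
    """Profile every client with at least three query requests."""
    return {ip: profile(ts) for ip, ts in parse_log(text).items() if len(ts) >= 3}


if __name__ == "__main__":
    for ip, p in sorted(find_pollers(SAMPLE_LOG).items()):
        print(f"{ip:10s} n={p['count']:2d} rpm={p['rpm']:7.1f} "
              f"gap={p['mean_gap']:6.2f}s jitter={p['jitter']:.2f} "
              f"{'POLLER' if p['flagged'] else 'ok'}")
```

Rate alone catches the 0.1-second case; the regularity test is what separates a six-second timer from a person who happens to reload often. The thresholds are a starting point to tune against real traffic, and a plug-in that randomizes its interval or rotates source addresses would need other signals.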
However, the ticket-grabbing plug-in differs from DDoS in several ways:
1. Although the plug-in objectively increases the load on 12306, its intent is to help users buy tickets quickly. This is fundamentally different from a DDoS attack, whose goal is to make the website's server collapse.
2. The plug-in is installed by the user on his own computer, the user himself starts it polling 12306, and the user can stop it at any time. A DDoS attacker usually breaks into other people's computers by covert means (turning them into bots, or "zombies") and then launches the attack by controlling those bots. Throughout the attack, the owner of a zombie computer neither decides when it starts or stops nor, in many cases, even knows that his computer has become a zombie.
3. Plug-in users are independent of one another and act on their own initiative; the reason so many use it at the same time is the approaching Spring Festival and the Ministry of Railways' sales policy (tickets go on sale 20 days in advance). A DDoS attack is planned: the attacker deliberately controls a large number of bots and has them attack at the same moment.
Therefore, judged by its traffic, the ticket-grabbing plug-in is not malicious attack software. (Whether a particular plug-in handles the user's 12306 account credentials safely is a separate question that the traffic argument does not settle.)
The fundamental fix for the ticket-grabbing plug-in is for 12306 to raise the technical level of its website. First, temporarily add server capacity around major holidays. Second, improve the site's engineering to cut unnecessary requests and bandwidth use. Third, put user-submitted ticket-purchase requests into a queue.
In supermarket terms: first, add ticket windows; second, add ticket sellers; third, let later customers queue up.
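The third fix, queuing requests instead of bouncing them, is the one that changes the traffic pattern rather than merely absorbing it. The simulation below is an added example, not code from the article or from 12306, and every number in it (a four-tick service time, four constructed clients with their arrival times and polling intervals) is an assumption. It runs the same clients under the "bounce" rule the article describes and under a first-come-first-served queue, and reports how many requests the server handled, when the last purchase completed, and in what order clients were served.

```python
"""Added example (not from the article or 12306): why a request queue beats
"go away and come back later".

Under "bounce", a client that finds the server busy is rejected and retries
every `poll_every` ticks until it happens to find the server idle, so the
server handles many more requests, sits idle between polls, and the fastest
poller wins. Under "queue", each client submits once and is served in arrival
order. Service time, clients, arrivals and poll intervals are constructed.
"""
from dataclasses import dataclass

SERVICE_TICKS = 4  # assumed: ticks the server is busy completing one purchase


@dataclass(frozen=True)
class Client:
    name: str
    arrival: int     # tick of the client's first request
    poll_every: int  # ticks between retries under the bounce rule


def simulate_bounce(clients, max_ticks=100_000):
    """Bounce rule: a busy server rejects the request; the client retries on a timer.

    Returns (requests_handled, tick_when_last_purchase_completes, service_order).
    """
    if any(c.poll_every < 1 for c in clients):
        raise ValueError("poll_every must be at least 1 tick")
    next_poll = {c.name: c.arrival for c in clients}
    by_name = {c.name: c for c in clients}
    busy_until = 0
    requests = 0
    order = []
    t = 0
    while next_poll and t < max_ticks:
        # clients whose retry timer fires this tick, in a deterministic order
        for name in sorted(n for n, when in next_poll.items() if when == t):
            requests += 1
            if t >= busy_until:
                # the cashier is free: this client is served now
                busy_until = t + SERVICE_TICKS
                order.append(name)
                del next_poll[name]
            else:
                # told to leave the store and come back later
                next_poll[name] = t + by_name[name].poll_every
        t += 1
    if next_poll:
        raise RuntimeError("simulation did not finish within max_ticks")
    return requests, busy_until, order


def simulate_queue(clients):
    """Queue rule: one request per client, served first come first served."""
    busy_until = 0
    order = []
    for c in sorted(clients, key=lambda c: (c.arrival, c.name)):
        start = max(c.arrival, busy_until)  # wait in line until the server is free
        busy_until = start + SERVICE_TICKS
        order.append(c.name)
    return len(order), busy_until, order


# Constructed clients: two plug-ins on the default 6-tick timer, one plug-in on
# an aggressive 1-tick timer, and one person who strolls for 30 ticks.
CLIENTS = [
    Client("alice", arrival=0, poll_every=6),
    Client("bob", arrival=1, poll_every=6),
    Client("carol", arrival=2, poll_every=1),
    Client("dave", arrival=3, poll_every=30),
]

if __name__ == "__main__":
    for label, result in (("bounce", simulate_bounce(CLIENTS)),
                          ("queue", simulate_queue(CLIENTS))):
        handled, finish, order = result
        print(f"{label:6s} requests={handled:2d} finished_at={finish:2d} order={order}")
```

With the constructed clients, the bounce rule handles 9 requests, finishes at tick 37 and serves carol (the 1-tick poller) ahead of bob, who arrived earlier; the queue handles 4 requests, finishes at tick 16 and serves everyone in arrival order. If every client is switched to a 1-tick poll, the bounce rule reaches the queue's finish time of 16, but only by handling 22 requests instead of 4, which is the article's vicious circle in miniature.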