How to set up DDoS protection in Server Security Dog

Source: Internet
Author: User

This article takes a detailed look at the DDoS attack protection capability and its settings:

The user can turn the DDoS firewall on or off by clicking the "turned on"/"Closed" button at the top right of the action interface. It is recommended that users turn on the DDoS firewall immediately after installing Server Security Dog. DDoS attack protection is active only while the DDoS firewall is turned on, as shown in the following illustration:

Parameter settings: all DDoS firewall parameters apply to a single IP. Every default is the best value found in experimental testing, so it is generally recommended that users use the system defaults directly. Users can also modify any parameter at any time according to the actual attack situation, as shown in the figure:

Here's a detailed description of these parameters.

"IP Freeze Time" sets how long an IP that Security Dog judges to be attacking will be blocked. The time unit is minutes and the value must be an integer greater than 1. The user can change the length of the block depending on the attack situation, as shown in the following figure:

"SYN attack" sets the number of TCP connection request responses per IP in a unit of time. This setting is used for SYN attack protection. The time unit is seconds and the value must be an integer greater than 1. The default of 500 is generally used; if the attack is more serious, the connection request value can be reduced appropriately. So what is TCP? That brings us to the TCP/IP protocol.

TCP/IP (Transmission Control Protocol/Internet Protocol) is an industry-standard protocol suite designed for wide area networks (WANs).

So what is a TCP connection request?

Many more formal explanations can be found on the Internet; here is a brief introduction. Suppose you want to visit a friend's house. The friend is a new acquaintance, so you do not know his home address; you need to ask him for it and then find a time to visit. Here the "TCP connection" represents the process of "face-to-face contact and negotiation between you and your friend", and "the address your friend gives you" represents the IP address. So if we set the number of TCP connection request responses in 10 seconds to 500, it is as if you asked this friend for his address 500 times in 10 seconds (this is only a metaphor, of course; it is unlikely to happen in reality). That creates a lot of load, which can overload the computer so that it no longer functions properly. The analogy is simplified and not very accurate, but it at least conveys the idea. The setting is shown in the following figure:

A scan attack scans a server's ports or vulnerabilities with some software and then breaks into the computer. "Scan attack" sets the number of request responses by the server. The time unit is seconds and the value must be an integer greater than 1. The default of 500 is generally used; if the attack is more serious, the number of response requests can be reduced appropriately. The specific settings are as follows:

"Traffic attack" sets the number of TCP/UDP packets per IP sent by the server in a unit of time. The time unit is seconds and the value must be an integer greater than 1. The default of 500 is generally used; if the attack is more serious, the number of response requests can be reduced appropriately. This kind of attack consumes network bandwidth or uses a large number of packets to overwhelm one or more routers, servers and firewalls. The common form of a bandwidth attack is a large number of seemingly legitimate TCP, UDP, or ICMP packets delivered to a specific destination, and the Security Dog setting defends against it once the packet count reaches the configured number. The setting is shown in the following figure:

When everything is set, click "Save" to complete the settings, as shown in the following figure:

DDoS attack protection is very important, so set it up carefully to achieve the best protection.
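The per-IP threshold and "IP Freeze Time" parameters described above can be modelled as a sliding-window counter with a block period. This is an added example, not Security Dog's own code: the class and function names, the 30-minute freeze value and the sample traffic are assumptions, while the threshold of 500 and the 10-second window come from the text.

```python
from collections import defaultdict, deque

class PerIpLimiter:
    """Per-IP threshold plus freeze time (assumed model, not Security Dog's code)."""

    def __init__(self, max_events=500, window_s=10, freeze_min=30):
        self.max_events = max_events       # threshold per IP, page default 500
        self.window_s = window_s           # counting window in seconds
        self.freeze_s = freeze_min * 60    # "IP Freeze Time" is set in minutes
        self.events = defaultdict(deque)   # ip -> timestamps inside the window
        self.frozen_until = {}             # ip -> time at which the block ends

    def allow(self, ip, now):
        """Return True if the request from `ip` at time `now` (seconds) passes."""
        until = self.frozen_until.get(ip)
        if until is not None:
            if now < until:
                return False               # still frozen: drop without counting
            del self.frozen_until[ip]      # freeze expired: count from zero again
        q = self.events[ip]
        while q and now - q[0] >= self.window_s:
            q.popleft()                    # forget requests older than the window
        q.append(now)
        if len(q) > self.max_events:       # threshold exceeded: freeze this IP
            self.frozen_until[ip] = now + self.freeze_s
            q.clear()
            return False
        return True

def replay(limiter, events):
    """Feed (timestamp, ip) pairs through the limiter; return drops per IP."""
    dropped = defaultdict(int)
    for ts, ip in sorted(events):
        if not limiter.allow(ip, ts):
            dropped[ip] += 1
    return dict(dropped)

def sample_events():
    """Constructed traffic using documentation-range addresses."""
    noisy = [(i / 100, "198.51.100.7") for i in range(600)]  # 600 requests in 6 s
    noisy += [(120.0, "198.51.100.7"), (1900.0, "198.51.100.7")]  # later retries
    steady = [(float(i), "192.0.2.10") for i in range(60)]   # 1 request per second
    return noisy + steady

if __name__ == "__main__":
    print(replay(PerIpLimiter(), sample_events()))               # defaults
    print(replay(PerIpLimiter(max_events=5), sample_events()))   # threshold too low
```

With the default threshold only the noisy address is frozen, and its retry after the freeze period passes again. With the threshold cut to 5, the client sending one request per second is frozen as well, which is the cost of reducing the value too far.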
