Text/sub-non-fish
DoS is short for "Denial of Service". It refers to attacks that deliberately exploit defects in network protocols, or that use brute force to exhaust the target's resources. The objective is to prevent the target computer or network from providing normal service, or even to crash the system. Early DoS attacks required a considerable amount of bandwidth, which individual intruders often did not have. Attackers later devised the distributed attack method: using tool software to pool a large amount of network bandwidth and launch a large number of attack requests at the same target simultaneously. This is the DDoS (Distributed Denial of Service) attack. In short, a DDoS attack is a collection of DoS attacks centrally controlled and launched by "intruders", and it is very difficult to resist.
Many enterprise and personal websites have suffered DoS/DDoS attacks more than once and have accumulated some experience in recovering from them. The lessons of the past prompt us to ask: "Why are we vulnerable to attacks like this? How can we take precautions before an attack happens and reduce the risk of being attacked?" The following are ten effective methods the author has collected for preventing and responding to DoS/DDoS attacks:
1. Keep logs and review them regularly to help you analyze what is happening.
Logs look boring and serve no purpose most of the time, but once an incident occurs they can provide important reference information. Check the logs every day before leaving work.
2. Establish Standard and Emergency Operation Procedures in advance.
The former are SOPs and the latter are EOPs. Establishing proper procedures in advance, so that nothing catches you by surprise, is a basic competency of a qualified network administrator.
3. Be prepared for the crisis.
Attacks often come without warning, so staying prepared is a long-term effort.
4. Network administrators must be familiar with all configuration details.
If you take over the job partway through, you must ask about and check every detail of the work.
5. Perform security tests from both the local network and the Internet.
"Self-testing" is not only an exercise; it is also a way of setting yourself harder security tests so that you truly know yourself.
6. Watch out for potential risks caused by incorrect configurations.
Incorrect configuration usually occurs in the hardware setup, the server system, or applications, and the problem is sometimes hidden. Repeatedly checking that network connection devices, such as routers and switches, and server systems are configured correctly reduces the possibility of errors, intrusions, and attacks.
7. Be familiar with past configuration details.
8. Stay vigilant whenever an anomaly is found.
The thing a network administrator must avoid most is carelessness.
9. Strike a balance among the simplicity of the network architecture, system overhead, and security risks.
Simply adding a device is not equivalent to improving the protection mechanism. Just like adding a network system, it is costly because of simplicity and difficulty because of luxury.
10. Use security protection, such as installing firewalls and other security devices, to reduce the risk of hacker attacks.
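
As an added illustration of method 1 (it is not part of the original article), the sketch below shows one form a daily log review can take: it groups web access-log entries by minute, flags minutes whose request volume far exceeds the usual level, and reports whether one client or many account for the surge, which is the DoS/DDoS distinction drawn in the introduction. The log format (Common Log Format), the sample lines, and the thresholds `factor` and `dominant` are all assumptions.

```python
import re
from collections import Counter, defaultdict
from statistics import median

# Common Log Format prefix: client address, identity, user, [timestamp]
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def per_minute(lines):
    """Group requests by minute: {minute: Counter(client -> request count)}."""
    buckets = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than abort the review
        client, stamp = m.groups()
        buckets[stamp[:17]][client] += 1  # "10/Oct/2023:13:55", seconds dropped
    return buckets

def review(lines, factor=5, dominant=0.5):
    """Flag minutes whose volume exceeds factor x the median minute.
    factor and dominant are assumed thresholds; tune them to your own baseline."""
    buckets = per_minute(lines)
    if not buckets:
        return []
    baseline = median(sum(c.values()) for c in buckets.values())
    findings = []
    for minute, clients in sorted(buckets.items()):  # one day's log sorts by time
        total = sum(clients.values())
        if total <= factor * baseline:
            continue
        _, top_hits = clients.most_common(1)[0]
        kind = "single-source" if top_hits / total >= dominant else "distributed"
        findings.append((minute, total, len(clients), kind))
    return findings

def sample_log():
    """Constructed sample: five quiet minutes, then two bursts of 40 requests."""
    fmt = '{} - - [10/Oct/2023:13:{:02d}:{:02d} +0000] "GET / HTTP/1.1" 200 512'
    lines = [fmt.format(f"192.0.2.{10 + i}", m, i)
             for m in range(50, 55) for i in range(2)]
    lines += [fmt.format("198.51.100.7", 55, s) for s in range(40)]
    lines += [fmt.format(f"203.0.113.{n}", 56, n) for n in range(1, 41)]
    return lines

if __name__ == "__main__":
    for minute, total, sources, kind in review(sample_log()):
        print(f"{minute}  requests={total}  sources={sources}  {kind}")
```

A flagged minute is only a prompt to look closer; a legitimate traffic peak produces the same pattern, which is why the thresholds have to come from your own normal traffic.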