What is
CC attack? CC attack, translated as challenge collapsar, is one of DDoS attacks and one of the most common network attacks. It mainly aims at the attack launched by layer 7 protocol of Web services. It searches anonymous HTTP proxy or socks proxy on the Internet through port scanner to send HTTP request to the target. CC attack is loved by a large number of hackers because of its quick effect, low cost and difficult to trace. What should we do when our website is attacked by CC? Today, Mozi security will briefly talk about the characteristics of CC attacks and how to defend against CC attacks?
First. What are the characteristics of
CC attacks?
1. The requests of CC attack are all valid requests simulating the real situation, so they cannot be rejected;
2. The IP addresses used to launch CC attacks are real and dispersed, so it is difficult to trace the source;
3. The data packets of CC attack are normal packets simulating real users;
4. CC attacks are generally aimed at Web attacks. The server can connect, Ping is OK, but the web page cannot be accessed.
Second. How to defend against
CC attacks?
1. Use session to execute access counter:
Use session to create a page access counter or file download counter for each IP to prevent users from frequently refreshing pages, resulting in frequent reading of databases or frequent downloading of files to generate a large amount of traffic. (download address should not be used directly for file download, so as to filter CC attacks in server code)
2. Generate static pages from the website
A large number of facts have proved that making the website static as much as possible can not only greatly improve the anti attack ability, but also bring a lot of trouble to hackers. For example, Sina, Sohu, Netease and other portal sites are mainly static pages. If you don't need a dynamic script, you can send it to a separate host to avoid the primary server in the event of an attack.
3. Enhance the TCP / IP stack of operating system
As server operating systems, WIN2000 and Win2003 have the ability to resist DDoS attacks. It is not enabled by default. If you enable them, they can withstand about 10000 syn attack packets. You can go to the Microsoft official to see how to operate.
4. Deploy CDN defense
The most simple and convenient way to prevent CC attacks is to hide the server source IP by accessing the Mohist CDN, which can automatically identify malicious attack traffic, intelligently clean these false traffic, and return normal visitor traffic to the source server IP to ensure the normal and stable operation of the source server.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.