Talk about the cloud version of Denial of service attacks

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Denial of service Dos attacks on network security issues, even distributed DDoS, is not cool at all. Distributed denial of service attack is to launch a large number of "people" on a server (in most cases a Web server) to send a service request, the purpose is to make it paralyzed (up to 100% CPU utilization, running out of memory, congestion network traffic) and thus unable to provide normal services. It is not cool to say that this attack is because an attacker cannot get important secret information or a clear benefit value through an attack. The paralysis of a server does not mean that the server can take up smoke to burn, but at the software layer caused the service to abort, restart the server to restore the service. The denial of service attack must not be used to prevent denial of service, which is just the trap. The right is also very helpless way: After the detection of DOS, replace the IP address. An important service site often uses many IP addresses to connect more servers and do dynamic load balancing, and such sites are not easily paralyzed by denial of service attacks.

The elasticity of cloud computing is probably the most obvious difference from the traditional local computing. Flexibility is the change in the demand for computing resources can be dynamic increase and decrease capacity. The widely used server virtualization technology in cloud computing can also make dynamic load balancing very efficient and completely automated: cloud infrastructure service providers can automatically increase the number of servers and network bandwidth when service requirements become larger. Because the expansion is done by increasing the virtual machine, it is easy to automate and must be automated to reflect the benefits of cloud computing. So denial of service attacks when it comes to cloud computing should be a game. But we also have to remember that the resilience of cloud computing is also reflected in the way computing resources are paid in real terms. So when a cloud user encounters a denial-of-service attack, it is likely to wait until the end of the month to pay the card to know what is going on, perhaps worse still don't know what happened! For this reason we can change the Denial-of-service attack on the cloud version of the name called "Empty bank Account" attack, translated into English can be called DOB ( Depletion of bank), distributed (distributed) empty bank account is abbreviated as DDOB.

Do not assume that the author is creating a relaxed atmosphere in a way that is not serious. No cloud-computing infrastructure service provider has devised an SLA (service level agreement) to determine whether it is (infrastructure service provider) or user (such as a user who makes Web services on the cloud), Which party should be responsible for the overcharged fees. This is a very serious and serious problem to be solved urgently.