Ticket-grabbing plugin is not a malicious attack software

Source: Internet
Author: User
Keywords The principle of stealing tickets
Tags 12306 website 12306 websites access attack software behavior buy tickets ddos ddos attack

Absrtact: In layman's terms, 12306 websites are like a unscrupulous supermarket, the ticket-grabbing plugin is not stoppering, nor is it a malware attack software. The most fundamental way to solve the ticket-grabbing plug-in is to improve the technical level of the 12306 website. The most recent thing except the Spring Festival Gala is to rob the ticket plugin

In layman's terms, 12306 websites are like a unscrupulous supermarket, and the ticket-grabbing plugin is not "stoppering", nor is it a malware attack. The most fundamental way to solve the ticket-grabbing plug-in is to improve the technical level of the 12306 website.

The most recent thing in addition to the Spring Festival Gala is the ticket plug-in, many users also to buy the ticket smoothly. But the question follows: is the ticket-grabbing plug-in really malicious attack software? Do we use ticket-grabbing plug-ins to count as "Gassel" behavior? Let me explain briefly the working principle of the ticket-grabbing plug-in, which is naturally solved.

Put aside the plugins, attacks, browsers these Internet professional vocabulary, give a small example of daily life:

In other words, a supermarket is very hot customer overcrowding, but only a cashier, and there is a rule: when you want to pay, if someone is paying the cashier, then please put down the merchandise immediately leave the store (a second can not wait) go out to stroll around, the length of time does not matter. But by the time you get back, if there's someone at the checkout, you're going to keep going, until the checkout is empty when you get back.

As you can see, the rule is that it's very likely that when I go out for a while, there is no one at the cashier's desk, but when I come back there is a man in front paying, so I have to go out again. If a person is very unlucky, every time he comes when someone, go to no one, then he wanted to pay the success of the need to go back and forth many times to waste a long time.

In order to solve this problem, you can shorten the time to stroll, and then go to the checkout counter to avoid missed opportunities. Obviously, it's not only tiring, it's a waste of life.

Then a wise man stood out, invented a robot, when you go out to stroll, he every few seconds for you to see if there is a fee, once found no one immediately call you: "Come on, you can pay!" In this way we can rest assured to see the film, Eat, play games, once received the phone of the robot flew back.

12306 website is that unscrupulous supermarket, once the user submits the request fails, the user must take the initiative to initiate a purchase ticket request. For internet operations, restarting a request is equivalent to "going out for a stroll and then coming back." The ticket-grabbing plugin is the robot that mentions the purchase request to 12306 when you go out for a stroll. According to the instructions, grab the ticket plug-in every 6 seconds like 12306 to initiate a request, once the ticket plug found "cashier" no one, he will give you notice: "There are tickets, hurry to buy it." With the ticket plugin for your "on duty", you can go and brush your microblog, watch a movie, or write a year-end summary.

Visible, ticket-grabbing plug-in is a very good product, it helps people to overcome 12306 of their own technical flaws, faster and simpler to buy tickets; use of ticket-grabbing plug-ins is not "stoppering" behavior, he is not the next person to mention the front, but let the original line in front of the people do not miss the opportunity.

But there is a bad side to the ticket-grabbing plug-in. You can imagine that the 12306 is slow to access, because the number of people visiting, the server can not withstand such a huge access pressure. And grab the ticket plug-in every 6 seconds to submit a request to the server, much higher than a natural person's normal frequency of access, further exacerbated the server access pressure, forming a "more slowly rob more slowly," the vicious circle.

In the field of network security, a hacker attack, called a DDoS attack, is one of the most primitive, most violent, and least technical but often most effective means of attacking a Web server by controlling multiple computers (usually tens of thousands of to hundreds of thousands of). Access pressure can reach millions of to tens of millions of times per second, resulting in slow server response and even downtime.

If some of the data of the ticket-grabbing plug-in is extreme, it will achieve the same effect as the DDoS attack. For example, the access interval is not 6 seconds, but 0.1 seconds, that is, 10 requests per second to the server; So a simple calculation, the ticket-grabbing plug-in will be 12306 of the server will cause 10 million times per second access pressure. For most servers, the million-per-second access pressure is extremely scary.

But there is a difference between the ticket-grabbing plug-in and the DDoS:

1. The ticket-grabbing plug-in although objectively increased the access pressure of 12306, but subjectively to help users buy tickets quickly. This is a DDoS attack is the purpose of the Web server downtime is fundamentally different.

2. Grab the Ticket plug-in user initiative to install to their own computer, and the use of ticket-free plug-in to 12306 of the access behavior is also initiated by the user, at the same time, as long as he is willing, can terminate the ticket to seize the access behavior. The initiators of DDoS attacks are usually the secret means of hacking into others ' computers (called chickens), and then by controlling the chicken launch attack. During the attack, the owner of the broiler could neither decide when to start the attack nor decide when to terminate the attack or even know that his computer had become a broiler.

3. The users of ticket-grabbing plug-ins are independent of each other, the visit behavior is spontaneous, the reason why a large number of users at the same time using the ticket plug-in is due to the Spring Festival and the Railway Ministry's ticket policy (20 days in advance booking);

Therefore, the ticket-grabbing plug-in is not a malicious attack software.

The most fundamental way to solve the ticket-grabbing plug-in is to improve the technical level of the 12306 website. First, before and after major holidays should be temporarily upgraded server pressure. Second, improve site production level, reduce unnecessary access pressure and bandwidth consumption. Third, the queue is established for the purchase request submitted by the user.

In layman's terms: first, increase the window to buy tickets. Second, to increase the conductor. Third, let the later customers line up.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.