Website Security Alliance: Webmaster How to deal with DDoS attacks series tutorials (Iv.)

Source: Internet
Author: User
Keywords DDoS

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

When a DDoS denial of service attack occurs on a Web site, the Eesafe in the method used to help the site resolve the DDoS attack type is the second link and a step in the solution of DDoS.

The current Web site Security Alliance will encounter Denial-of-service attacks in the following three main categories:

1, upgraded and changed SYN attack

This attack is most effective for Web sites that provide services based on providing ports, which can be said to kill a variety of server operating system network services. The idea is to use botnets to send a large number of spoofed source ip+ source port SYN packets to Web services, the same is true of the ACK attack of the upgrade transformation, it is also to make the website server resources exhausted by sending a large number of spoofed source ip+ source ports to the website service, thus unable to provide the normal service.

  

2. TCP Full Connection attack

Some of the size of the site are mostly installed software or hardware firewall, these firewalls are generally equipped with filtering teardrop, land and other attacks, but the normal TCP connection they are allowed. However, because the number of connections to TCP is limited to Web servers such as IIS and Apache, a large number of TCP connections can cause Web site access to be slow or denial of service. TCP Full Connection attack is the use of zombie host and Web server to establish a large number of TCP connections, resulting in the depletion of server resources.

  

3. Scripting based attacks

Almost every site has a list or information query function, these features are mostly slow to use, and are more expensive server memory, script attack formal use of this, looking for the function of server resources, using several agents to the Web server to send a large number of resources can be consumed by requests, This causes server resources to run out and denial of service.

This is the website security Alliance classification of several common DDoS denial of service attacks, when it can be determined what kind of attack, can be a good plan and build a defensive system, in the shortest possible time to achieve the purpose of defending against DDoS attacks

Original article, reprint please specify the copyright belongs to: Eesafe website Security Alliance

Reprint please indicate the original address in the form of link: http://www.eesafe.com/bbs/thread-546-1-1.html

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.