Alibabacloud.com offers a wide variety of articles about ddos prevention techniques, easily find your ddos prevention techniques information here online.
recently took a little time to "the King of Destruction-ddos attack and the depth of the prevention of the analysis" to read it, frankly, this book is relatively simple, can be said to be an introductory book, of course, for me this kind of DDoS smattering people, is also a good book, at least I learned something. DDoS
In the previous blog (http://cloudapps.blog.51cto.com/3136598/1708539), we described how to use Apache's module Mod_evasive to set up anti-DDoS attacks, in which The main prevention is the HTTP volume attack, but the DDOS attack way, a lot of tools, a random search to know, we look back, what is called Dos/ddos, see Wi
is, each operator in their own export router to authenticate the source IP address, if in their own routing table does not have to the packet source IP routing, the package is discarded. This approach can prevent hackers from using bogus source IPs for DDoS attacks. But again, this will reduce the efficiency of the router, which is the backbone operators are very concerned about the problem, so this practice is really difficult to adopt.The research
As a powerful hacker attack method, DDoS is a kind of special denial of service attack. As a distributed, collaborative, large-scale attack, it often locks victim targets on large Internet sites, such as commercial companies, search engines, or government department sites. Because of the bad nature of DDoS attacks (often through the use of a group of controlled network terminals to a common port to launch a
. Second, Distributed Denial of Service attacks are even more difficult to prevent. Because the Distributed Denial-of-Service attack data streams come from many sources and attack tools use the random IP technology, the similarity with valid access data streams is increased, making it more difficult to judge and prevent attacks.
Attack policy and Prevention
At present, with the wide spread of various DDoS
"The King of Destruction--ddos attack and prevention depth analysis"The development of cyberspace brings opportunities and threats, and DDoS is one of the most destructive attacks. This book introduces DDoS from a variety of perspectives, in order to answer some basic questions from the perspective of the attacker: who
the intranet, such as 10.0.0.0, 192.168.0.0, and 172.16.0.0, which are not fixed IP addresses for a network segment, but are reserved regional IP addresses within the Internet and should be filtered out. This approach does not filter the access of internal employees, but it will also reduce the number of fake internal IP filters that are forged during the attack, which can mitigate DDoS attacks.(8) Limit syn/icmp traffic (keep it up for a long time)T
request, the firewall will use the relevant rules to identify, provide attack prevention, intranet security, traffic monitoring, mail filtering, web filtering, application layer filtering.Finally, individuals should always pay attention to changing the factory default password.The Internet of things is connected to inanimate objects and allows any device to join and connect all devices in any location, allowing them to display "life" signs, which bus
of IP attacks on your server, you can easily block it. Isomorphism the following command to block IP or any other specific IP: Route add IPAddress Reject Once you have organized a specific IP access on the server, you can check it to prevent tofu from being effective By using the following command: Route-n |grep IPAddress You can also block the specified IP with iptables by using the following command. Iptables-a INPUT 1-s ipadress-j drop/reject Service Iptables Restart Service Iptables Save Af
administrator to shut down these machines, so that the first time to eliminate attacks. If you find that these IP addresses are from the outside rather than within the company's internal IP, you can take a temporary filtering method, the IP address on the server or router filtered.
(2) Locate the route that the attacker has passed and block the attack. If hackers launch attacks from certain ports, users can block these ports to prevent intrusion. However, this method is only one of the company
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.