recently took a little time to "the King of Destruction-ddos attack and the depth of the prevention of the analysis" to read it, frankly, this book is relatively simple, can be said to be an introductory book, of course, for me this kind of DDoS smattering people, is also a good book, at least I learned something. DDoS
In the previous blog (http://cloudapps.blog.51cto.com/3136598/1708539), we described how to use Apache's module Mod_evasive to set up anti-DDoS attacks, in which The main prevention is the HTTP volume attack, but the DDOS attack way, a lot of tools, a random search to know, we look back, what is called Dos/
is, each operator in their own export router to authenticate the source IP address, if in their own routing table does not have to the packet source IP routing, the package is discarded. This approach can prevent hackers from using bogus source IPs for DDoS attacks. But again, this will reduce the efficiency of the router, which is the backbone operators are very concerned about the problem, so this practice is really difficult to adopt.The research
. Second, Distributed Denial of Service attacks are even more difficult to prevent. Because the Distributed Denial-of-Service attack data streams come from many sources and attack tools use the random IP technology, the similarity with valid access data streams is increased, making it more difficult to judge and prevent attacks.
Attack policy and Prevention
At present, with the wide spread of various
"The King of Destruction--ddos attack and prevention depth analysis"The development of cyberspace brings opportunities and threats, and DDoS is one of the most destructive attacks. This book introduces DDoS from a variety of perspectives, in order to answer some basic questions from the perspective of the attacker: who
As a powerful hacker attack method, DDoS is a kind of special denial of service attack. As a distributed, collaborative, large-scale attack, it often locks victim targets on large Internet sites, such as commercial companies, search engines, or government department sites. Because of the bad nature of DDoS attacks (often through the use of a group of controlled network terminals to a common port to launch a
1. Why DDoS attacks?With the increase in Internet bandwidth and the continuous release of a variety of DDoS hacking tools, DDoS denial-of-service attacks are becoming more and more prone, and DDoS attacks are on the rise. Due to business competition, retaliation, network ext
, the other one will work immediately. This minimizes DDoS attacks.(5) filtering unnecessary services and portsYou can use tools such as Inexpress, Express, forwarding, and so on to filter out unnecessary services and ports, that is, filtering fake IPs on routers. For example, Cisco's CEF (Cisco Express Forwarding) can be compared and filtered for packet source IP and routing table. Opening a service port o
request, the firewall will use the relevant rules to identify, provide attack prevention, intranet security, traffic monitoring, mail filtering, web filtering, application layer filtering.Finally, individuals should always pay attention to changing the factory default password.The Internet of things is connected to inanimate objects and allows any device to join and connect all devices in any location, allowing them to display "life" signs, which bus
of IP attacks on your server, you can easily block it. Isomorphism the following command to block IP or any other specific IP: Route add IPAddress Reject Once you have organized a specific IP access on the server, you can check it to prevent tofu from being effective By using the following command: Route-n |grep IPAddress You can also block the specified IP with iptables by using the following command. Iptables-a INPUT 1-s ipadress-j drop/reject Service Iptables Restart Service Iptables Save Af
ConceptUsing the BPF (Berkeley Packet filter) toolset combined with the Iptables XT_BPF module enables high-performance packet filtering to address large-scale DDoS attacks. BPF Tools contains a simple set of Python scripts that are used to parse the Pcap file, and others are primarily used to generate BPF bytecode.First, download and install BpftoolsDownload the zip file in Https://github.com/cloudflare/bp
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.