天天看點
傳回

DDOS攻擊原理以及如何防護。43.228.42.x

作者:馳網科技千安

DDOS簡介

DDOS又稱為分布式拒絕服務,全稱是Distributed Denial of Service。DDOS本是利用合理的請求造成資源過載,導緻服務不可用,進而造成伺服器拒絕正常流量服務。就如酒店裡的房間是有固定的數量的,比如一個酒店有50個房間,當50個房間都住滿人之後,再有新的使用者想住進來,就必須要等之前入住的使用者先出去。如果入住的使用者一直不出去,那麼酒店就無法迎接新的使用者,導緻酒店負荷過載,這種情況就是“拒絕服務”。如果想繼續提供資源,那麼酒店應該提升自己的資源量,伺服器也是同樣的道理。

具體過程:

當你要通路某一主機或網站時,首先,将資料包發送到目标主機,并發出連接配接請求。這将啟動 TCP 連接配接(兩個主機用于通信的程序)。目标主機一旦接收到一個請求的資料包(SYNchronize 資料包),就會相應地傳回一個響應的資料包(SYN-ACKnowledge 資料包)。

防護方法:

1:采用高性能的網絡裝置

抗DDoS攻擊首先要保證網絡裝置不能成為瓶頸,是以選擇路由器、交換機、硬體防火牆等裝置的時候要盡量選用知名度高、口碑好的産品。再就是假如和網絡提供商有特殊關系或協定的話就更好了,當大量攻擊發生的時候請他們在網絡接點處做一下流量限制來對抗某些種類的DDoS攻擊是非常有效的。

2:盡量避免 NAT 的使用

無論是路由器還是硬體防護牆裝置要盡量避免采用網絡位址轉換 NAT 的使用,因為采用此技術會較大降低網絡通信能力,其實原因很簡單,因為 NAT 需要對位址來回轉換,轉換過程中需要對網絡包的校驗和進行計算,是以浪費了很多 CPU 的時間,但有些時候必須使用 NAT,那就沒有好辦法了。

3:充足的網絡帶寬保證

網絡帶寬直接決定了能抗受攻擊的能力,假若僅僅有 10M 帶寬的話,無論采取什麼措施都很難對抗現在的 SYNFlood 攻擊,目前至少要選擇 100M 的共享帶寬,最好的當然是挂在 1000M 的主幹上了。

4:更新主機伺服器硬體

在有網絡帶寬保證的前提下,盡量提升硬體配置,要有效對抗每秒10萬個SYN攻擊包,伺服器的配置至少應該為:P4 2.4G/DDR512M/SCSI-HD,起關鍵作用的主要是CPU和記憶體,記憶體一定要選擇DDR的高速記憶體,硬碟要盡量選擇SCSI的,要保障硬體性能高并且穩定,否則會付出高昂的性能代價。

5:把網站做成靜态頁面或者僞靜态

大量事實證明,把網站盡可能做成靜态頁面,不僅能大大提高抗攻擊能力,而且還給黑客入侵帶來不少麻煩。

馳網科技杭州高防機房IP:

43.228.42.1

43.228.42.2

43.228.42.3

43.228.42.4

43.228.42.5

43.228.42.6

43.228.42.7

43.228.42.8

43.228.42.9

43.228.42.10

43.228.42.11

43.228.42.12

43.228.42.13

43.228.42.14

43.228.42.15

43.228.42.16

43.228.42.17

43.228.42.18

43.228.42.19

43.228.42.20

43.228.42.21

43.228.42.22

43.228.42.23

43.228.42.24

43.228.42.25

43.228.42.26

43.228.42.27

43.228.42.28

43.228.42.29

43.228.42.30

43.228.42.31

43.228.42.32

43.228.42.33

43.228.42.34

43.228.42.35

43.228.42.36

43.228.42.37

43.228.42.38

43.228.42.39

43.228.42.40

43.228.42.41

43.228.42.42

43.228.42.43

43.228.42.44

43.228.42.45

43.228.42.46

43.228.42.47

43.228.42.48

43.228.42.49

43.228.42.50

43.228.42.51

43.228.42.52

43.228.42.53

43.228.42.54

43.228.42.55

43.228.42.56

43.228.42.57

43.228.42.58

43.228.42.59

43.228.42.60

43.228.42.61

43.228.42.62

43.228.42.63

43.228.42.64

43.228.42.65

43.228.42.66

43.228.42.67

43.228.42.68

43.228.42.69

43.228.42.70

43.228.42.71

43.228.42.72

43.228.42.73

43.228.42.74

43.228.42.75

43.228.42.76

43.228.42.77

43.228.42.78

43.228.42.79

43.228.42.80

43.228.42.81

43.228.42.82

43.228.42.83

43.228.42.84

43.228.42.85

43.228.42.86

43.228.42.87

43.228.42.88

43.228.42.89

43.228.42.90

43.228.42.91

43.228.42.92

43.228.42.93

43.228.42.94

43.228.42.95

43.228.42.96

43.228.42.97

43.228.42.98

43.228.42.99

43.228.42.100

43.228.42.101

43.228.42.102

43.228.42.103

43.228.42.104

43.228.42.105

43.228.42.106

43.228.42.107

43.228.42.108

43.228.42.109

43.228.42.110

43.228.42.111

43.228.42.112

43.228.42.113

43.228.42.114

43.228.42.115

43.228.42.116

43.228.42.117

43.228.42.118

43.228.42.119

43.228.42.120

43.228.42.121

43.228.42.122

43.228.42.123

43.228.42.124

43.228.42.125

43.228.42.126

43.228.42.127

43.228.42.128

43.228.42.129

43.228.42.130

43.228.42.131

43.228.42.132

43.228.42.133

43.228.42.134

43.228.42.135

43.228.42.136

43.228.42.137

43.228.42.138

43.228.42.139

43.228.42.140

43.228.42.141

43.228.42.142

43.228.42.143

43.228.42.144

43.228.42.145

43.228.42.146

43.228.42.147

43.228.42.148

43.228.42.149

43.228.42.150

43.228.42.151

43.228.42.152

43.228.42.153

43.228.42.154

43.228.42.155

43.228.42.156

43.228.42.157

43.228.42.158

43.228.42.159

43.228.42.160

43.228.42.161

43.228.42.162

43.228.42.163

43.228.42.164

43.228.42.165

43.228.42.166

43.228.42.167

43.228.42.168

43.228.42.169

43.228.42.170

43.228.42.171

43.228.42.172

43.228.42.173

43.228.42.174

43.228.42.175

43.228.42.176

43.228.42.177

43.228.42.178

43.228.42.179

43.228.42.180

43.228.42.181

43.228.42.182

43.228.42.183

43.228.42.184

43.228.42.185

43.228.42.186

43.228.42.187

43.228.42.188

43.228.42.189

43.228.42.190

43.228.42.191

43.228.42.192

43.228.42.193

43.228.42.194

43.228.42.195

43.228.42.196

43.228.42.197

43.228.42.198

43.228.42.199

43.228.42.200

43.228.42.201

43.228.42.202

43.228.42.203

43.228.42.204

43.228.42.205

43.228.42.206

43.228.42.207

43.228.42.208

43.228.42.209

43.228.42.210

43.228.42.211

43.228.42.212

43.228.42.213

43.228.42.214

43.228.42.215

43.228.42.216

43.228.42.217

43.228.42.218

43.228.42.219

43.228.42.220

43.228.42.221

43.228.42.222

43.228.42.223

43.228.42.224

43.228.42.225

43.228.42.226

43.228.42.227

43.228.42.228

43.228.42.229

43.228.42.230

43.228.42.231

43.228.42.232

43.228.42.233

43.228.42.234

43.228.42.235

43.228.42.236

43.228.42.237

43.228.42.238

43.228.42.239

43.228.42.240

43.228.42.241

43.228.42.242

43.228.42.243

43.228.42.244

43.228.42.245

43.228.42.246

43.228.42.247

43.228.42.248

43.228.42.249

43.228.42.250

43.228.42.251

43.228.42.252

43.228.42.253

43.228.42.254

43.228.42.255

DDOS攻擊原理以及如何防護。43.228.42.x
DDOS攻擊原理以及如何防護。43.228.42.x
ddos
上一篇: 解除安裝oracle11g全步驟,Oracle11g伺服器與用戶端解除安裝、安裝全過程
下一篇: 解決運維痛點磁盤空間不足

繼續閱讀