What does ddos attack make money from?

What is a DDOS attack? What is its principle? What is its purpose? The more detailed, the better! Thank you!

The biggest headache for websites is being attacked. There are several common server attacks: port penetration, password cracking and DDOS attacks. Among them, DDOS is one of the most powerful attack methods at present and one of the hardest to defend against.

So what is a DDOS attack?

The attacker forges a large number of legitimate-looking requests to the server, which occupy a large amount of network bandwidth and leave the website paralyzed and inaccessible. Its characteristic is that the cost of defense is much higher than the cost of attack: a hacker can easily launch attacks of 11G and 111G, but defending against 11G and 111G is very expensive.

At first, people called the DDOS attack a DOS (Denial of Service) attack. Its attack principle is: if you have a server and I have a personal computer, I use my personal computer to send a lot of junk information to your server, which jams your network, increases your data processing burden and reduces the efficiency of the server's CPU and memory.

However, as technology developed, one-to-one attacks like DOS became easy to defend against, so the DDOS (distributed denial of service) attack was born. Its principle is the same as that of DOS; the difference is that DDOS is a many-to-one attack, in which even tens of thousands of personal computers attack one server at the same time, eventually paralyzing the attacked server.

There are three common DDOS attack methods:

SYN/ACK Flood attack: the most classic and effective DDOS attack method, which can kill the network services of various systems. It mainly works by sending a large number of SYN or ACK packets with forged source IPs and source ports to the victim host, so that the host's cache resources are exhausted or it is kept busy sending response packets, resulting in denial of service. Because the sources are all forged, the attack is difficult to trace; its disadvantage is that it is difficult to implement and needs the support of high-bandwidth zombie hosts.

TCP full connection attack: this attack is designed to bypass the inspection of conventional firewalls. Most conventional firewalls can filter DOS attacks such as TearDrop and Land, but they let normal TCP connections through. What is often overlooked is that many network service programs (such as IIS, Apache and other Web servers) can accept only a limited number of TCP connections. Once there are a large number of TCP connections, even normal ones, access to the website becomes very slow or even impossible. A TCP full connection attack establishes a large number of TCP connections with the victim server through many zombie hosts until the server's memory and other resources are exhausted and the server is dragged down, resulting in denial of service. This attack is characterized by bypassing the protection of general firewalls to achieve its purpose. The disadvantage is that many zombie hosts need to be found, and because the IPs of the zombie hosts are exposed, this DDOS attack mode is easy to trace.

Script-brushing attack: this attack is mainly aimed at websites that run scripts such as ASP, JSP, PHP and CGI and call databases such as MSSQLServer, MySQLServer and Oracle. It is characterized by establishing a normal TCP connection with the server and constantly submitting queries, lists and other calls that consume a lot of database resources to the scripts. It is a typical attack method that uses a small effort to achieve a large effect.
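The script-brushing pattern described above leaves a trace in the web server's access log. The following added example (not part of the original page) flags clients that request database-backed scripts at a high rate; the log lines are constructed, and the window and threshold values are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Script types named in the text; matched at the end of the path or before "?".
DYNAMIC = re.compile(r"\.(php|asp|jsp|cgi)(\?|$)", re.I)
# Common Log Format: client, two ignored fields, [timestamp], "METHOD path ..."
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)')

def flag_script_brushing(lines, window_s=10, max_hits=20):
    """Clients with more than max_hits dynamic-script requests in any window_s seconds.

    window_s and max_hits are illustrative; tune them against normal traffic.
    """
    recent = defaultdict(deque)   # client -> timestamps of recent script requests
    flagged = set()
    for line in lines:
        m = LINE.match(line)
        if not m or not DYNAMIC.search(m.group(3)):
            continue              # unparsable line or static content
        client = m.group(1)
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z").timestamp()
        q = recent[client]
        q.append(ts)
        while ts - q[0] > window_s:   # drop requests that left the window
            q.popleft()
        if len(q) > max_hits:
            flagged.add(client)
    return sorted(flagged)

def constructed_log():
    """Constructed sample: one client hammering a search script, one ordinary visitor."""
    fmt = '{} - - [01/Jan/2024:10:00:{:02d} +0000] "GET {} HTTP/1.1" 200 512'
    rows = [fmt.format("192.0.2.50", i // 10, f"/search.php?q={i}") for i in range(30)]
    rows += [fmt.format("192.0.2.7", i, "/img/logo.png") for i in range(30)]
    rows += [fmt.format("192.0.2.7", 5 * i, "/index.php") for i in range(5)]
    return rows

if __name__ == "__main__":
    print(flag_script_brushing(constructed_log()))
```

Static files are ignored on purpose: the attack described here is expensive because each request reaches the database, not because of its size.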

How to defend against DDOS attacks?

Generally speaking, we can start with hardware, a single host and the whole server system.

1. Hardware

1. Increasing bandwidth

Bandwidth directly determines the ability to withstand attacks. Increasing bandwidth and hard protection is the theoretically optimal solution. As long as the bandwidth is greater than the attack traffic, there is nothing to fear, but the cost is very high.

2. Upgrade hardware configuration

On the premise of ensuring network bandwidth, try to upgrade the configuration of hardware facilities such as CPU, memory, hard disk, network card, router and switch, and choose well-known products with a good reputation.

3. Hardware firewall

Put the server in a computer room with a DDoS hardware firewall. Professional firewalls usually have the function of cleaning and filtering abnormal traffic, and can resist traffic DDoS attacks such as SYN/ACK attacks, TCP full connection attacks, script brushing attacks, etc.

2. A single host

1. Fix system vulnerabilities in time and upgrade security patches.

2. Turn off unnecessary services and ports, reduce unnecessary system add-ons and startup items, run as few processes as possible on the server, change the working mode

3. iptables

4. Strictly control account permissions, prohibit root login and password login, and modify the default ports of common services
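When hardening a single host, it helps to know which attack it is facing. This added example (not from the original page) reads socket-table text in the layout of `ss -tan` and separates the SYN flood pattern (many half-open sockets from forged sources) from the TCP full connection pattern (many completed connections from one real source); the sample data and both thresholds are assumptions.

```python
from collections import Counter

def parse_ss(text):
    """Yield (state, peer_ip) for each TCP socket row of `ss -tan`-style output."""
    for line in text.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] in ("State", "LISTEN"):
            continue                          # header, listener or short line
        yield cols[0], cols[4].rsplit(":", 1)[0]   # strip the port, keep the address

def triage(text, syn_threshold=50, per_source_threshold=30):
    """Summarise the socket table; thresholds are illustrative assumptions."""
    half_open = Counter()     # SYN-RECV: handshake started, never completed
    established = Counter()   # ESTAB: handshake completed, connection held open
    for state, peer in parse_ss(text):
        if state == "SYN-RECV":
            half_open[peer] += 1
        elif state == "ESTAB":
            established[peer] += 1
    total = sum(half_open.values())
    return {
        "half_open": total,
        # Forged sources show up as many peers with one socket each,
        # so blocking individual addresses does not help here.
        "half_open_sources": len(half_open),
        "syn_flood_suspected": total >= syn_threshold,
        # Real, traceable addresses holding many connections can be blocked.
        "full_connection_sources": sorted(
            ip for ip, n in established.items() if n >= per_source_threshold),
    }

def constructed_sample():
    """Constructed socket table: 60 half-open sockets, one source with 40 connections."""
    rows = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port",
            "LISTEN 0 128 0.0.0.0:80 0.0.0.0:*"]
    rows += [f"SYN-RECV 0 0 203.0.113.10:80 198.51.100.{i}:{40000 + i}"
             for i in range(1, 61)]
    rows += [f"ESTAB 0 0 203.0.113.10:80 192.0.2.50:{50000 + i}" for i in range(40)]
    rows += [f"ESTAB 0 0 203.0.113.10:80 192.0.2.{i}:51000" for i in (7, 8, 9)]
    return "\n".join(rows)

if __name__ == "__main__":
    print(triage(constructed_sample()))
```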

3. The whole server system

1. Load balancing

2. CDN

CDN is a content distribution network built on top of the existing network. Relying on edge servers deployed in various places, and on the distribution and scheduling modules of the central platform, it lets users get the content they need from a nearby node, which reduces network congestion and improves response speed and hit rate. CDN acceleration therefore also uses load balancing technology. Compared with the high-defense hardware firewall, CDN is more rational, because multiple nodes share the intruding traffic. At present, most CDN nodes have a 211G traffic protection function, and together with the protection of hard defense it can be said to cope with the overwhelming majority of DDoS attacks.

3. Distributed cluster defense

The characteristic of distributed cluster defense is that each node server is configured with multiple IP addresses, and each node can withstand DDoS attacks of not less than 11G. If one node is attacked and cannot provide services, the system automatically switches to another node according to the priority setting, and all the attacker's data packets are returned to the sending point, paralyzing the attack source.

How much does it cost to launch a DDOS attack service?

Kaspersky published an interesting analysis on the cost of DDoS attacks.

Experts estimate that the cost of using 1111 cloud-based botnets for DDoS attacks is about $7 per hour. The DDoS attack service usually costs $25 per hour, which means that the attacker's expected profit is about $25 minus $7, which is about $18 per hour.

However, the total cost of enterprise defense against DDoS attacks is often as high as tens of thousands or even millions of dollars. So don't think about getting illegitimate gains by launching DDoS attacks. The state has gradually introduced various policies and improved laws and regulations to ensure network security, and acts that harm citizens' network security will inevitably be hit hard by the state.