What is a DDOS attack? What are the common attacks?

The biggest headache for a website is being attacked. Common server attacks mainly include these categories: port penetration, port penetration, password cracking and DDOS attacks. Among them,anti DDOS DDOS is currently one of the most powerful and difficult attacks.

What is a DDOS attack?

The attacker forges a large number of legitimate requests to the server, taking up a large amount of network bandwidth and causing the website to be paralyzed and inaccessible. It is characterized by the fact that the cost of defense is much higher than the cost of offense.virtual Machine cloud A hacker can easily launch a 10G or 100G attack, but the cost of defending against 10G or 100G is very high.

DDOS attack we initially is what people can call DOS (Denial of Service) attack, its attack technology principle is: you have a server, I have a personal computer, I will use my personal use of computers to send to your server system requires a large number of garbage management information, congestion of your network, and increase the burden on you to deal with the relevant data, reduce server CPU and memory efficiency.

However, as technology advances and one-to-one attacks like DOS become easier to defend against,vpshosting the DDOS denial-of-service attack was born. The principle is the same as DOS, but the difference is that DDOS attack is a many-to-one attack, even tens of thousands of personal computers at the same time in the form of DOS attack to attack a server, and ultimately, the attacked server crashes.

There are three common types of DDOS attacks

SYN/ACK flood attack: The most classic and effective DDOS attack, which can kill various system network services. Mainly by sending a large number of forged source IP and source port SYN or ACK packets to the victim host, resulting in host cache resources are exhausted or busy sending response packets, resulting in a distributed denial-of-service attack, due to the source is forged, it is difficult to track, the disadvantage is difficult to implement, the need for high-bandwidth bot host support.

TCP Full Connection Attack: This attack is designed to circumvent normal firewall checks, in general, normal firewalls have the ability to filter DOS attacks such as TearDrop, Land, etc., but for normal TCP connections are spared, do not know that many network service programs (e.g., IIS, Apache and other web servers) can accept a limited number of TCP connections, once there is a large number of TCP connections, even if normal, may lead to very slow or even unable to access the site, TCP fully connected attack is through a large number of zombie hosts continue to establish a large number of TCP connections with the victim server, until the server's memory and other resources are exhausted and dragged, resulting in a distributed denial-of-service attack, this attack has the attribute of bypassing the protection of the general firewall to achieve the purpose of the attack, the disadvantage is that The disadvantage is that you need to find a large number of zombie hosts, and because the IP of the zombie hosts is exposed, this DDOS attack is easy to be traced.

Brush Script Attack: This network attack is mainly designed for the existence of ASP, JSP, PHP, CGI and other script language programs, and call MSSQLServer, MySQLServer, Oracle and other databases of the Web site information system, characterized by and the server can establish a normal TCP connection, and constantly to the script control program. Need to submit data queries, lists and other large amounts of time-consuming as well as the invocation of database management resources, a typical attack on the way to small and big way method.

cloud server hk: Efficient, Reliable, Global Connectivity for Seamless Operations.