Is DDoS done with a software tool? Can you just use one of your own computers? If so, is it safe to use your own computer?
DDoS works on basically the same principle as machines pinging each other. There are tools that make a machine automatically send a large number of packets to the target; it can be done with or without tools, and if you can program, the amount of code is not large. One computer is generally not enough: that little bandwidth has no visible effect, and most sites have anti-DDoS protection in place. As for the security of your own computer, I do not know much, but your IP will be exposed. Attacks generally use a large number of computers, or "broilers" (compromised machines), to launch the attack at a particular time, and attackers route their own machines through a number of hops, using springboard machines to hide.
DDoS attack prevention methods?
DDoS attack prevention measures fall mainly into five areas:
1. Expand the server bandwidth. The server's network bandwidth directly determines its ability to withstand an attack, so when you buy a server, you can increase its network bandwidth.
2. Use a hardware firewall. Some hardware firewalls are modified packet-filtering firewalls that check packets only at the network layer; if a DDoS attack rises to the application layer, their defensive ability is relatively weak.
3. Select high-performance equipment. Besides the hardware firewall, the performance of servers, routers, switches and other network equipment also needs to keep up.
4. Load balancing. Load balancing is built on top of the existing network structure and provides a cheap, effective and transparent way to expand the bandwidth of network devices and servers, increase throughput, strengthen network data processing capability, and improve network flexibility and availability. It is very effective against DDoS traffic attacks and CC attacks.
5. Restrict specific traffic. If you encounter abnormal traffic, promptly check the source of access and apply appropriate restrictions to keep abnormal and malicious traffic out, protecting site security proactively.
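One way to carry out the "check the source of access" step in item 5, as an added example that is not part of the original page: a sliding-window count of requests per source over web access-log lines. The window length, the threshold and the log lines are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values for this sketch; tune them to the site's normal traffic.
WINDOW = timedelta(seconds=10)
MAX_HITS = 20
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ \S+ [^"]*" \d{3} ')


def abnormal_sources(lines, window=WINDOW, max_hits=MAX_HITS):
    """Return {source_ip: peak request count} for sources exceeding max_hits in a window."""
    recent = defaultdict(deque)  # source -> request times still inside the window
    peak = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # lines that are not in access-log format are skipped
        src, ts = m.group(1), datetime.strptime(m.group(2), TS_FMT)
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) > max_hits:
            peak[src] = max(peak.get(src, 0), len(q))
    return peak


def make_sample():
    """Constructed log: one source sends 60 requests in 6 s, another 5 in 2 minutes."""
    base = datetime.strptime("01/Jan/2024:12:00:00 +0000", TS_FMT)
    row = '{} - - [{}] "GET {} HTTP/1.1" 200 512 "-" "-"'
    out = ["this line is not in access-log format"]
    for i in range(60):
        t = base + timedelta(milliseconds=100 * i)
        out.append(row.format("203.0.113.7", t.strftime(TS_FMT), "/list.php?page=%d" % i))
    for i in range(5):
        t = base + timedelta(seconds=30 * i)
        out.append(row.format("198.51.100.20", t.strftime(TS_FMT), "/index.html"))
    return out


if __name__ == "__main__":
    for src, n in abnormal_sources(make_sample()).items():
        print(f"{src}: {n} requests within {WINDOW.total_seconds():.0f}s, candidate for restriction")
```

The sources it returns are the ones to review before applying a restriction at the firewall or web server.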
DDOS firewall principle?
DDoS Firewall is an efficient active defense system that can effectively defend against DoS/DDoS, SuperDDoS, DrDoS, Proxy CC, Mutant CC, Zombie Cluster CC, UDPFlood, Mutant UDP, Random UDP, ICMP, IGMP, SYN, SYNFLOOD, ARP attacks, Legend Dummy attacks, Forum dummy attacks, non-TCP/IP protocol layer attacks, and many other unknown attacks.
It can effectively identify a variety of common attacks and, through an integrated mechanism, process and block the attack traffic in real time. With remote network monitoring and packet analysis capabilities, it can quickly obtain and analyze the latest attack characteristics and defend against the latest attack methods.
At the same time, DDoS Firewall is a server security guard with a variety of server intrusion protection functions that prevent hackers from sniffing, intruding and tampering, achieving both external defense and internal security and creating a safe, worry-free, maintenance-free server for you. As an emerging force and rising star in the domestic network firewall industry, DDoS Firewall, with its 3D protection structure, efficient active defense, and the idea of being simple (in operation) but not simplistic (in functionality), provides an anti-DDoS firewall with excellent protection, practical functionality, simple operation, and low resource consumption.
What is a DDOS attack? What is its principle? What is its purpose? The more detailed the better! Thanks!
A website's biggest headache is being attacked. Common server attacks include port penetration, password cracking, and DDOS attacks. Among them, DDOS is currently the most powerful and one of the most difficult attacks to defend against.
What is a DDOS attack then?
The attacker forges a large number of legitimate requests to the server, taking up a large amount of network bandwidth and paralyzing the website, making it inaccessible. It is characterized by the fact that the cost of defense is much higher than the cost of attack. A hacker can easily launch a 10G or 100G attack, while the cost of defending against 10G or 100G is very high.
The DDOS attack was initially called the DOS (Denial of Service) attack, which is based on the principle that if you have a server and I have a PC, I will use my PC to send a lot of spam to your server to congest your network and increase your data processing burden, reducing the efficiency of the server's CPU and memory.
However, with the advancement of technology, one-to-one attacks like DOS became easy to defend against, and so DDOS (Distributed Denial of Service) attacks were born. The principle is the same as DOS; the difference is that DDOS attacks are many-to-one, with even up to tens of thousands of PCs attacking one server at the same time with a DOS attack, which ultimately paralyzes the attacked server.
Three common DDOS attacks
SYN/ACK Flood attack: the most classic and effective DDOS attack, able to take down all kinds of system network services. It works mainly by sending the victim host a large number of SYN or ACK packets with forged source IPs and source ports, so that the host's cache resources are exhausted or it is kept busy sending response packets, causing a denial of service. Because the sources are forged, tracing is more difficult. The disadvantage is that it is somewhat difficult to carry out and needs the support of high-bandwidth zombie hosts.
TCP full-connection attack: this attack is designed to bypass conventional firewall checks. In general, most conventional firewalls can filter DOS attacks such as TearDrop and Land but let normal TCP connections through. However, many network service programs (e.g. Web servers such as IIS and Apache) can accept only a limited number of TCP connections; once there is a large number of TCP connections, even normal ones, access to the site becomes very slow or even impossible. A TCP full-connection attack uses many zombie hosts to keep establishing large numbers of TCP connections with the victim server until the server's memory and other resources are exhausted and it is brought down, resulting in a denial of service. This kind of attack is characterized by bypassing ordinary firewall protection to achieve its purpose. The disadvantage is that many zombie hosts must be found, and because the zombie hosts' IPs are exposed, this kind of DDOS attack is easy to trace.
Brush script attack: this attack is aimed mainly at website systems that run ASP, JSP, PHP, CGI and other script programs and call databases such as MSSQLServer, MySQLServer and Oracle. It is characterized by establishing a normal TCP connection with the server and constantly submitting queries, list requests and other calls to the script program that consume a lot of database resources. It is a typical attack that uses a small amount of resources to tie up a large amount of resources.
How to defend against DDOS attacks?
Overall, you can start from three aspects: hardware, individual hosts, and the whole server system.
One, hardware
1. Increase bandwidth
Bandwidth directly determines the ability to withstand an attack. Increasing bandwidth for hard protection is the theoretically optimal solution: as long as the bandwidth is greater than the attack traffic there is nothing to fear, but the cost is very high.
2. Enhance the hardware configuration
Provided network bandwidth is guaranteed, upgrade the configuration of the CPU, memory, hard disk, network card, routers, switches and other hardware as far as possible, and choose well-known products with a good reputation.
3. Hardware firewall
Place your server in a server room with a DDoS hardware firewall. Professional-grade firewalls usually have a cleaning and filtering function for abnormal traffic, and can combat SYN/ACK attacks, TCP full-connection attacks, brush script attacks, and other traffic-type DDoS attacks.
Two, a single host
1. Fix system vulnerabilities promptly and apply security patches.
2. Close unnecessary services and ports, reduce unnecessary system add-ons and self-starting items, run as few processes on the server as possible, and change the working mode.
3. iptables
4. Strictly control account privileges, prohibit root logins and password logins, and change the default ports of commonly used services.
Three, the entire server system
1. Load balancing
Using load balancing to distribute requests to individual servers in a balanced manner reduces the burden on a single server.
2. CDN
A CDN is a content distribution network built on top of the network. It relies on edge servers deployed in various places and on the central platform's distribution, scheduling and other functional modules so that users get the content they need from a nearby location, reducing network congestion and improving the response speed and hit rate of user access; CDN acceleration therefore also uses load-balancing technology. Compared with high-defense hardware firewalls, which cannot carry unlimited traffic, a CDN is the more sensible choice because multiple nodes share the traffic that gets through. Most CDN nodes have 200G of traffic protection; coupled with hard-defense protection, it can be said to cope with the majority of DDoS attacks.
3. Distributed cluster defense
Distributed cluster defense is characterized by configuring multiple IP addresses on each node server, with each node able to withstand DDoS attacks of no less than 10G. If a node is attacked and cannot provide service, the system automatically switches to another node according to the priority settings, and the attacker's packets are returned to all the sending points, so that the attack source becomes paralyzed.
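To tell the SYN flood and the TCP full-connection attack described above apart on a single host, the following added example (not part of the original page) triages a connection-table snapshot: many half-open entries from scattered peers point to the first, many established connections from a few peers to the second. The thresholds and the snapshot, laid out like `ss -tan` output, are constructed assumptions.

```python
from collections import Counter

# Assumed thresholds for this sketch; set them from the host's normal baseline.
SYN_RECV_LIMIT = 100        # half-open connections on one listening port
ESTAB_PER_PEER_LIMIT = 50   # established connections from a single peer


def triage(ss_output, port):
    """Classify a connection-table snapshot for one local port (IPv4 addr:port form)."""
    half_open, half_open_peers, estab = 0, set(), Counter()
    for line in ss_output.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("SYN-RECV", "ESTAB"):
            continue  # header line and other states are ignored
        if f[3].rsplit(":", 1)[-1] != str(port):
            continue
        peer = f[4].rsplit(":", 1)[0]
        if f[0] == "SYN-RECV":
            half_open += 1
            half_open_peers.add(peer)
        else:
            estab[peer] += 1
    findings = {}
    if half_open >= SYN_RECV_LIMIT:
        # Sources are forged, so the total matters and per-IP blocking does not help.
        findings["syn_flood"] = {"half_open": half_open, "distinct_peers": len(half_open_peers)}
    heavy = {ip: n for ip, n in estab.items() if n >= ESTAB_PER_PEER_LIMIT}
    if heavy:
        # Real connections expose the peer address, so these can be restricted by IP.
        findings["full_connection"] = heavy
    return findings


def make_sample():
    """Constructed snapshot in the column layout of `ss -tan` (documentation addresses)."""
    rows = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port"]
    for i in range(1, 151):   # 150 half-open entries, each from a different peer
        rows.append(f"SYN-RECV 0 0 192.0.2.10:80 198.51.100.{i}:{40000 + i}")
    for i in range(60):       # 60 established connections from one peer
        rows.append(f"ESTAB 0 0 192.0.2.10:80 203.0.113.9:{50000 + i}")
    for i in range(3):        # an ordinary visitor
        rows.append(f"ESTAB 0 0 192.0.2.10:80 192.0.2.44:{51000 + i}")
    rows.append("ESTAB 0 0 192.0.2.10:22 192.0.2.50:52000")  # an admin session
    return "\n".join(rows)
```

A `syn_flood` finding calls for protection that does not depend on source addresses, while a `full_connection` finding lists peers that can be limited individually.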