DoS (Denial of Service) is a reasonable use of the service requests taking up too many resources.so that legitimate users can not get the service to respond to network attacks.DoS attacks have generally been the phenomenon of a large number of hosts : * wait to be attacked TCP Connection;* mainframe system resources to be attacked by a large number of occupants, causing stoppages;* The network is flooded with a lot of useless data packet source address of the fake addresses;* high volume of data made unwanted network congestion, the victim mainframe normal communications with the outside world;* To use the services provided by victims or FTP host the defects repeatedly issued specific to the high-speed service requests,Host timely processing of all victims normal request; * will cause serious system lockup.So far, in particular, to prevent DoS DDoS attacks still more difficult.But they can still take some measures to reduce the harm.For small and medium-sized websites, we can prevent it from the following areas : mainframe installed :namely strengthening operating system, installed on all operating system parameters to improve system stability.Installed various Linux and BSD or re-editing systemSolaris kernel and the Windows operating system, such as some of the parameters,The system can be improved to a certain degree anti-attack capability.For example, the typical type of SYN Flood DoS attack.It uses TCP loopholes in the agreement sent large quantities of TCP listening.unable to connect users to networks or operating system services paralyzed.The attack involved a number of system parameters : the number of links can wait until the data packet data packets and the length of time to wait for overtime.Therefore, it can be set up as follows : * for off unnecessary services;* data packets from the link several amendments to the 2048 default values of 128 or 512 or greater.Whenever a lengthening queue data packet length of the data packet to ease digestion and more connected;* Link overtime rather short set-up time to ensure the normal data packets connect shielding illegal attack packets;* update system, the installation of a patch.For example : SYN Flood still installed firewall, the firewall can be installed on the following :* mainframe-open against the visit; * Restrict opened at the same time linking the largest number of data packets;* Restrict the specific IP addresses of the visit; * The opening of the anti-DDoS firewall attributes;* Server strict restrictions on foreign visits outside world to prevent their servers were attacked as a tool of others.In addition, it can take the following measures : * Random Drop algorithm.When the flow reaches a certain threshold, in accordance with rules algorithm discarded follow-up message, in order to maintain the mainframe processing capability.Lack of a normal data packet loss is mistaken, especially in the large flow of data packets under attack,like those of normal data packets, packet data easily with illegally excluded net;* SYN Cookie algorithm, using technology to reduce shaking hands six times the rate of attacks.The list is based on the lack of inquiries, data traffic increases, a rapid expansion of the table, the amount will increase.easy response delay and the system paralysis.As more types of DoS attacks, which can only withstand a limited number of firewalls.Cisco router to router set up : for example, may take the following approach :* Cisco Express Forwarding (CEF);* Use unicast reverse-path;* Access Control List (ACL) filters; * Set up data packet flow rate;* * IOS; upgraded version of the router to establish low log server.Among them, and the use of unicast CEF set up to pay attention.improper use will cause a serious decline in the efficiency of routers.IOS upgrade also be cautious.The core router network equipment, which must be carefully installed, the best revision, the first non-preservation, to evaluate the effectiveness.Cisco router has two distributionconfigure startup configure and running.Laws change when the running configure, and make the first distribution operation for some time.that the allocation to preserve viable after startup config; if not to restore to its original configuration,can be used copy run start.Regardless of firewall or router interface equipment to the outside world are conducting anti-DDoS installed at the same timelikely to weigh against the corresponding normal business expense the cost of caution.Technology : using load balanced distribution of business is to put the applications of several different servers or even different locations.DNS service or hardware router technology cycle, the request will be streamed to multiple servers.This approach requires a lot of investment, the corresponding high maintenance costs, if they can afford to consider medium-sized websites.Above method of flow small, targeted, simple DoS attack prevention or very effective.And DDoS attacks, preventive measures need to be able to cope with large flows and technology need to be able to integrate multiple algorithms,Integrated multi-functional network equipment technology.In recent years, there have been some use of domestic products such integration technology,If Captus IPS 4000, Mazu Enforcer.Top Layer Attack Mitigator and the Green Alliance domestic black hole.Oriental vigorous terminator, can effectively resist SYN Flood, UDP Flood,ICMP Stream Flood Flood and the large flow of DDoS attacksThe individual also has a network routing and switching functions.For the web sites have the ability to directly use these products is a more convenient method of preventing DDoS attacks.But whether foreign or domestic products and the reliability of their technology, usability, etc. still need to be further improved.equipment such as improving its own high availability, processing speed and efficiency and functional integration and so on.Finally, the two systems without DoS attack websites from the rapid restoration of services after the emergency response methods :* If surplus of IP resources can be replaced by a new IP address, pointing to a website with the domain name of the new IP;* 80 out of port, or use other ports such as 81 for HTTP, IP will be located at :81.
DOS là gì?
- Thread starter vietterry
- Ngày gửi
- Status
LordSorcerer
Mr & Ms Pac-Man
ack pác qua box phần mềm hay lập trình mà nói,chứ nói ở đây làm gì,chỉ tổ tạo cái hồ cho AE câu cá thôi...em mở hành trước nha các bác
, với lại lộn chuồng gòi 
hóa ra là hoa mat91
(#_#) --> (@_@) --> (-_-)
Đau mắt wa'
Đau mắt wa'
haylachinhminh
Fire in the hole!
vãi ................................................
kingsatthu
Donkey Kong
nhìn vào như lạc vào ma trận
pó chiếu
pó chiếu
Fleur Delacour
Mr & Ms Pac-Man
lol, tự nhiên post nhãm, DoS là gì thì 90% ở đây bít rồi, 10% còn lại thỉnh thoảng sử dụng. Post = english, copy bên cái 4rum nào qua rồi -.-" lock topic, ban luôn cho chừa cái tội đi
}{ell-Fire
Dragon Quest
Thằng này muốn xem chúng ta hiểu biết tới đâu để nó attack diễn đàn quá. Mai mốt mà diễn đàn sụp thì cứ nó mà chém nha bà con.
}{ell-Fire
Dragon Quest
tui đúng như ý của thằng kia phải viết là DDos (Distributed Denial of Service) chứ ko phải dos (dễ hiểu lằm thui).
- Status