On 1 May, Mattelling Company, working jointly with "Shanghai Hotline" and the Network Supervision Office of the Shanghai Public Security Bureau, successfully captured Zhou, who had long been carrying out distributed denial-of-service (DDoS) attacks against ISPs / ICPs nationwide. The capture followed careful deployment and strict monitoring.

A distributed denial-of-service (DDoS) attack is a special form of denial-of-service attack. It uses multiple machines that the attacker has already taken control of to launch an attack on a single machine. Under that volume of traffic, the attacked host easily stops responding. As a distributed, coordinated, large-scale attack, DDoS is aimed mainly at relatively large sites, such as commercial companies, search engines and government departments. Because it attacks one machine from a whole batch of controlled machines, it strikes quickly and is often hard to prepare for, so it is highly destructive. Mounting a DDoS attack is difficult and hard to carry out without considerable skill: the attacker must not only be familiar with intrusion techniques but also have enough time and ingenuity.

Zhou attacked and took control of many machines on the Internet and maliciously sent large volumes of spoofed, forged network access traffic, reaching up to 1 Gbit/s, which is equivalent to nearly 10 million people visiting a website. This seriously affected the normal operation of the "Shanghai Hotline" network business and endangered Internet security. Because this kind of attack is highly deceptive and well concealed, it has not been possible, at home or abroad, to track down the real attacker. This time, drawing on its extensive experience in building network security, Marseili provided a workable tracing strategy and method, which finally led to the arrest of a distributed denial-of-service (DDoS) attacker in China. In defending against DDoS attacks, it is all the more important to strengthen security awareness and improve the security of network systems.
Marseili experts suggest that the following security defense measures can be taken:

1. Establish and improve backup mechanisms for important information (such as system configuration information). Set up privileged accounts (such as administrator accounts) with caution. Together, these steps minimize the opportunities available to the attacker.
2. In terms of network management, check the physical environment of the system often and disable unnecessary network services. Establish boundary security limits to ensure that packets are restricted correctly. Check system configuration information regularly and review the daily security logs.
3. Use network security equipment (e.g., a firewall) to reinforce the security of the network, and configure its security rules to filter out all possible forged packets.
4. A better defense is to coordinate with your network service provider and have them help you implement route access control and a limit on total bandwidth.
5. When you find that you are under a DDoS attack, put your response strategy into action: trace the attack packets as quickly as possible, contact your ISP and the relevant emergency response organizations, analyze the affected systems and identify the other nodes involved, so that traffic from known attack nodes can be blocked. Find your system's vulnerabilities, which are a serious threat to your system. Once attack tool software is found on the system, it should be removed promptly to avoid leaving trouble behind.
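The boundary limit in item 2 and the filtering of forged packets in item 3 come down to source-address checks at the network border. The following is an added example, not code from the article: the interface labels, the 198.51.100.0/24 site prefix and the sample records are constructed assumptions, and only IPv4 is covered.

```python
import ipaddress

# Assumption: the prefix this site owns (a documentation range, constructed).
INTERNAL = [ipaddress.ip_network("198.51.100.0/24")]
# Sources that must never arrive from the Internet side (private, loopback, etc.).
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]

def classify(iface, src):
    """Return a reason string if the packet's source is forged, else None."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "unparseable source"
    inside = any(addr in n for n in INTERNAL)
    if iface == "external":
        if any(addr in n for n in BOGONS):
            return "bogon source from outside"
        if inside:
            return "internal source arriving from outside"
    elif iface == "internal" and not inside:
        # Egress check: a controlled host sending with someone else's address.
        return "foreign source leaving our network"
    return None

def filter_packets(records):
    """Split (iface, src, dst) records into passed and dropped lists."""
    passed, dropped = [], []
    for iface, src, dst in records:
        reason = classify(iface, src)
        (dropped if reason else passed).append((iface, src, dst, reason))
    return passed, dropped

# Constructed sample records: (arrival interface, source, destination).
SAMPLE = [
    ("external", "203.0.113.7", "198.51.100.10"),    # ordinary visitor
    ("external", "10.1.2.3", "198.51.100.10"),       # private source from outside
    ("external", "198.51.100.55", "198.51.100.10"),  # claims to be one of ours
    ("internal", "198.51.100.20", "203.0.113.9"),    # legitimate outbound
    ("internal", "192.0.2.99", "203.0.113.9"),       # spoofed source going outward
]

if __name__ == "__main__":
    ok, bad = filter_packets(SAMPLE)
    for rec in bad:
        print("DROP", rec)
    print(len(ok), "passed,", len(bad), "dropped")
```

The egress branch matters as much as the ingress one: it stops a machine on your own network that has been taken over from sending forged traffic outward.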