???簲?????
???????????? ???????[ 2015/12/23 14:31:22 ] ????????DNS ?????? ???簲?
????1. DDoS????????
????DDoS(Distributed Denial of Service?????????????)???????????????????????????????????????????????????????????????????????????
????????????????DDoS????????????
??????????????????????????????????????????????????????IDC?????????????????????????????Ч????????????????????????????????????????ICMP Flood??UDP Flood???????????????
??????????????????鶯????????????????????????????????????????????ú?????????????????????????????????????Э?????????????????????Slowloris??????Hash???????????????????????????2???????
?????????????????????????????????????????????Э?顢?????????????????????????????SYN Flood??????DNS Query Flood?????????????????????????
?????????????????Щ?????????????????????????????????????????
????1.1. SYN Flood
????SYN Flood?????????????DDoS??????????????????1999??????????????????????SYN Flood??????????TCP???????????????????С?????????????????????????????顣
?????????TCP??????????????£?
????l ???????????????SYN?????TCP?????SYN?????(Synchronize)???????????????????????????TCP??????????;
????l ?????????????????SYN??????????????SYN+ACK(?????Acknowledgement)??????????????????????????TCP???????????1;
????l ???????????????????ACK??????????????TCP???к????1??
????????????????TCP?????????ɡ?TCPЭ?????????????????????????????????????Щ?????????????????????????????????????????ACK???????????????SYN_RECV???????????IP???????б??????????????SYN+ACK??????????????3-5?Σ??????? 30???????????ε???б????????п???????????棬?????????????????SYN+ACK??????????????????????????TCP???????????????????????????????????????????????????????????????????????????SYN_RECV?????????????????μ?SYN???????????μ? TCP?????????
????SYN Flood????????????????TCPЭ????趨????????????????????α???????IP???????????????SYN?????????α???IP??????????????????????????豸??????????????κ??????????????????????????????????б??????????????SYN+ACK????????????????????????????????????????????????????SYN_RECV???б????????????????????????μ?SYN?????????????????????????????TCP??????????????????????SYN Flood??????????
??????SYN Flood?????????????http://www.icylife.net/yunshu/show.php?id=367????????2006??д??????????????????????????Bug??????????????????????????á?
????1.2. DNS Query Flood
???????????????????????????DNS??????DDoS???????????????????DNS????????????????????????????????????????????????Щ????????????????anonymous???????????????????????13???DNS????????????????е????
????UDP??????????????????????????Σ??????IP???α????????顣?????????????????????IP??????UDP??????????UDP???????ɡ?????????????UDP???????????????????????????UDPЭ??????DNS Query Flood?????????????????Э?????????DDoS?????????????????Э?????????????????????????????????????
????DNS Query Flood?????????????????????????????????????????????????????ACL?????????????????????????????????????UDP?????α???IP????????α??????????????DNSЭ??????α????ID??????????????????α????????????????????????????????????DNS???????????????????????DNS????????CPU?????
????????DNS Query Flood?????????2011??7?????????????????????д??????????????http://www.icylife.net/yunshu/show.php?id=832?????????????????????????????????????????
????1.3. HTTP Flood
??????????????SYN Flood??DNS Query Flood?????????????????Ч????????????????????????????????????HTTP Flood??????HTTP Flood?????Web??????????Э?鷢??????????????Σ????????????????????棺???????????????????????
????SYN Flood??DNS Query Flood?????????????root??????????????????????????root????????????????????????????????????п?????????????????????????????????????????????????仺???????1???????????????????????????HTTP Flood????????????????????????????????????????????????????????????????????????????HTTP???????SOCKS???????????????????????????????HTTP??????????????????????????????????????????????????£?????????????????????????????????
??????????棬HTTP Flood??????HTTP??????????????????????????????????????????????????????????????????????????????????????????????????ú?????????????????????????????????
??????HTTP Flood?????????????????????????????????????±???????Web??????????????????????????Java??????????????????????????????????????????????????洢???????????????
??????????????HTTP Flood???и??????????????????CC??????CC??Challenge Collapsar????д????Collapsar???????????????DDoS?????豸?????????????????????????Collapsar?????е?????????豸??????????????????δ?????
????1.4. ???????????
?????????????????????????????????????????????????????????????????????????????????Щ????????????????????????????????????????????????????????rsnake??????Slowloris??
????HTTPЭ??漲??HTTP Request??
??β?????????????????????????????????????????????
??????Slowloris???????????????DDoS???????????????HTTP??????н?Connection?????Keep-Alive?????Web Server????TCP????????????????????????????????key-value??????????????????a:b
?????·???????HTTP?????н???????????????????????????????????????????????????????????Web??????????????????TCP?????????????μ?????
?????????Slowloris??????????????????POST??????Web Server??????????????Content-Length?????????????????????POST???????????????????Slowloris??????rsnake??????????????????μ?http://ha.ckers.org/slowloris/slowloris.pl??
??????
???·???
??????????????????
2023/3/23 14:23:39???д?ò??????????
2023/3/22 16:17:39????????????????????Щ??
2022/6/14 16:14:27??????????????????????????
2021/10/18 15:37:44???????????????
2021/9/17 15:19:29???·???????·
2021/9/14 15:42:25?????????????
2021/5/28 17:25:47??????APP??????????
2021/5/8 17:01:11
sales@spasvo.com