【REVIEW】 various methods from network attacks and damage arising from the circumstances, DoS be a very simple but very effective way of attack. Its purpose is to refuse access to your services and undermine the normal operation of organizations, and ultimately it will make you part of Internet connectivity and network system failures, DoS denial of service attacks struck to respond?
DoS in English stands for Denial of Service, is "a denial of service" means. Various methods from network attacks and damage arising from the circumstances, DoS be a very simple but very effective way of attack. Its purpose is to turn your service access, destruction of normal operation of the organization, eventually it will make you part of Internet connectivity and network system failure. DoS attack There are many ways, the most basic DoS attacks is the use of reasonable service request to take up too much service resources so that legitimate users can not get service.
DoS attacks, we can see the basic process: First, the attacker sends to the server with false addresses the many requests, the server sends reply message to wait for return information, as addresses are forged, so the server has been no return of such message, the resources allocated to this request would never be released. When the server is waiting for some time, the connection will be cut off due to overtime, the attacker will again send a new batch of requests, in which repeated false address to send the case of a request, the server resources will eventually be exhausted.
How to block DoS
Against DoS, is still not very effective preventive measures. One common method for blocking DoS the network set up filters or detectors, in the information reach the web server before the block information. Filter access operations will detect suspicious. If a suspicious visit often, the filter will receive instructions to block the appropriate message to the server's external connection smooth. DoS consumption of system resources for the practice, some users through the use of additional system resources, to expand the number of the host cluster, etc. to a certain extent, alleviate the attack, which is clearly increased the cost of hardware overhead and maintenance costs, not suitable for users with limited funds .
Firewall and VPN is blocked, "denial of service attacks" commonly used equipment. Among them, the firewall as access control devices, through the design of access policies, denial of service attack can play a preventive role. However, the firewall must be set correctly to play a protective role. When the firewall security rules based on multiple, different services on packet filtering and agent, will make the system environment of the firewall settings manager error, leaving a number of system vulnerabilities so that intruders can take advantage of.
Present a firewall to prevent DoS attacks in the defects. The first man to set up a firewall is not suitable for dynamic configuration, and because each attack is different, the user can not know the address of the attacker and used to attack the protocol. Second, the current firewall settings usually do not distinguish between normal packets and packets of different attacks. ICMP Ping to withstand attack, for example, network administrators can set the firewall blocks all incoming ICMP Ping packets, but this time the firewall is not blocking ICMP Ping Response packets, in this way so that users can not Ping outside the firewall to the internal firewall IP addresses, but not a good way to send the current hackers have used a large number of forged ICMP Ping Response packets to attack the way, the firewall only block off ICMP Ping Response packets to stop such attacks, which caused internal users to the firewall inconvenience. The deal with DDoS, one can only source from the network, network operators a firewall, filter and other security devices to be effective.