DDoS: thinking out loud
16 March 2011, 13:33
Hello, Habr reader. Today I decided to share my thoughts about DDoS attacks with you. I am not going to explain what they are; in my opinion, even a schoolboy knows that by now. Having once again repelled a heavy attack by thugs on one of my resources, I thought: why not offer the community of educated people a few ideas for fighting one of the most common attack methods, HTTP flooding?

The essence of this attack is as follows: compromised computers, directed by their control servers, generate a large number of requests of the form:

"GET / HTTP/1.1" XXX XXXX "

Naturally, the requests can target any page of the attacked resource, whether it exists or not. Depending on how "educated" the botnet and its owners are, the attack can go to several URLs, and the attack tactics can also change depending on what the administrators of the attacked resource do.


Tracking this attack is quite simple: it is clearly visible when viewing the web-server logs "online", that is, live. Repelling it (like any other kind of attack) is difficult, and the greater the intensity of the attack and the number of infected computers involved in it, the harder it is. Yes, there are many ways, from scripts running on the attacked server to specialized equipment installed in front of it. I will not describe those methods today. I want to write a little about other ways of fighting.
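What "clearly visible in the logs" can look like in practice, as an added example that is not the author's code: a script that counts requests per client in a common/combined-format access log and flags clients whose volume is high and whose requests are almost all identical. The thresholds, function names and sample log lines are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Common/combined log format: ip - - [time] "METHOD path PROTO" status bytes ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Assumed thresholds; tune them against a baseline of normal traffic.
MIN_REQUESTS = 20      # requests per client within the analysed window
MIN_UNIFORMITY = 0.9   # share of a client's requests that are identical


def find_flooders(lines, min_requests=MIN_REQUESTS, min_uniformity=MIN_UNIFORMITY):
    """Return {ip: (total, top_request, uniformity)} for flood-like clients."""
    per_ip = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed or truncated lines
        per_ip[m["ip"]][(m["method"], m["path"])] += 1

    suspects = {}
    for ip, reqs in per_ip.items():
        total = sum(reqs.values())
        (method, path), top = reqs.most_common(1)[0]
        uniformity = top / total
        if total >= min_requests and uniformity >= min_uniformity:
            suspects[ip] = (total, f"{method} {path}", uniformity)
    return suspects


def sample_log():
    """Constructed sample: one flooding client, one ordinary visitor."""
    ts = "16/Mar/2011:13:33:00 +0300"
    flood = [f'203.0.113.7 - - [{ts}] "GET / HTTP/1.1" 200 5120 "-" "-"'] * 40
    pages = ["/", "/news", "/about", "/img/logo.png", "/contact"]
    normal = [f'198.51.100.20 - - [{ts}] "GET {p} HTTP/1.1" 200 900 "-" "Mozilla/5.0"'
              for p in pages * 5]
    return flood + normal + ["garbage line"]


if __name__ == "__main__":
    for ip, (total, req, u) in find_flooders(sample_log()).items():
        print(f"{ip}: {total} requests, {u:.0%} are '{req}'")
```

A botnet that rotates across several URLs, as mentioned above, lowers the uniformity score, so in that case per-client volume needs its own threshold.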

Working in a very large telecommunications company, I realized that it would not take ISPs much effort to configure their equipment to filter traffic. What this consists of:

  • The ISP monitors traffic and, on seeing a uniform, large volume of requests from a client into the network, which is characteristic of DDoS attacks or even mass spam mailings, drops the flood packets, thereby not loading its own network and sparing the client traffic overuse. Caring for the client, so to speak.
  • Preventing massive attacks: at the scale of a single ISP this will not be very effective, but if at least the major backbone providers introduce a well-designed filtering system, then life for you and me, ordinary web-resource administrators, will immediately become easier.


Now the most important thing: the ethical and legal side of my suggestions. Yes, we have no legal basis for these measures, and from the point of view of an ordinary Internet user, he will at the very least not be thrilled to learn that part of his traffic could simply end up in the "trash", because the end user of these services generally has no idea that his computer has become part of a huge botnet. This means more work for the providers' support services: at present it is not common practice to inform a client that virus traffic is coming from him. As for "Chinese" traffic, that is also a complex issue: it has to be filtered on the backbones, because according to my personal analysis of flood traffic, 40-60% of it comes from China.

But someday we will come to this anyway.

Thank you for your attention!
Added by: w1zard