Main » 2011 » Март » 16 » Ddos when he did not expect
10:47
Ddos when he did not expect

Introduction


In this article, there will be no advertising of specific firms and she does not claim to "the most intelligent article on DDoS». The purpose of this article - to draw your attention to a problem that sooner or later and can relate to you.

Do not think until you start


I think many webmasters and site admins, as I am only superficially aware of the technical aspects of setting up the OS, setting up firewalls, the width of the channels, etc. All the system configuration does support hosting, we remain only the panels of management.

If you have a website, imagine this scenario. One fine morning you wake up out of habit, update the main page of your precious site that brings you income, but instead of the site will leave an error or the page will load for a long time, then do not load, then through the times, etc.

It's clear - the first reaction is shock, begin treatment to the caliper. In fact the site is unavailable - and with the index of search engines can fly. And since attacks usually start on Saturday night, then most likely the caliper on that day will sleep peacefully and dream. On Monday morning, it appears that you DDoS-Yat.

What You Should Know About DDoS-attacks


Species of DDoS-attacks is set. For each type you can write a separate article. But if you do not go into much detail, then goes about such a picture.

The attacker sends a signal, for example, 10k computers (bots) randomly go to different pages on your site several times a second. If the site is not sufficiently optimized (and fertility, so it happens), then at times increases the load on the requests into the database, the processing php-code and the site freezes, no time to process requests for people.

But this is just the tip of the iceberg. If you have everything in order to optimize the system and not zagnetsya from hundreds of thousands of requests, the number of these requests in megabits may exceed the physical capacity of the channel. Let's say your site is hosting a channel width is 100 megabits. And the volume of the attacking bugs - 500 megabits. Channel is clogged - the site is unavailable.

What should I do??


This question must arise, and likely many times. I will lay the answers point by point:

1. If the attack is not too fussy, it can reflect the true setting up the OS. This deals with your hosting provider. Putting the correct values ??of the firewall, such an attack can be overcome.

2. If hoster tinkering in the settings of the OS "pitstsot" hours (for you, they will seem like an eternity), and could do nothing, it does not necessarily mean that he Krivorukov. This may mean that the server can not cope with so many requests. Just about this may reflect "leaky" ping your site.

3. If everything happened exactly as described in paragraphs 1-2, then remained expensive methods of protection:
  • Alternatively, you can close the proxies, and the site remains in its old location. Varies only DNS, directing traffic to the filtering proxy server. C it is already clean traffic to you.
  • Either it will be moving to a new hosting service, which provides protection from DDoS-attacks.


What ***** is attacking me?


  • This may be the machinations of your competitors' sites with similar themes.
  • Can you have enemies, the envious or ill-wishers.
  • May attacking the company, which provides protection from DDoS-attacks, for it is something a long time there were no orders.
  • This may be extortionists, who will start the attack, and a couple of days, kick you in ICQ with proposals of various kinds. But it is - criminal matter, so can no one ever knocks.


When did it all end?


DDoS-attack is worth the money. Strong attack - is costly. Therefore, the attack will not last forever, but often lasts as long as you do not put a decent defense.

And the protection is worth the money. Protect from strong attacks - is costly. But most likely you have them, because not very popular on sites nobody ordered DDoS is not particularly expensive.

Prevention


To more or less worthy move DDoS-attack, pre-need:
  • Optimized engine site, configure the cache where possible. Then the weak attack you may not even notice, but under strong attacks will have an opportunity to focus on other aspects.
  • If your life begins to bring a decent income - moves expensive hosting where exactly know what to do with DDoS-attacks. With channel from 1000 megabits. Do not skimp on your nerves, sooner or later you will pay attention.
  • Be prepared for this.

Conclusions


If this article I will help at least one victim of these vampires, so I was attacked for a reason.

I was attacked on Saturday evening. Good attack (scored 100 Mbps channel). The site was Down until Tuesday morning. All through Monday caliper hosting twisted configuration of Linux, but nothing happened. Site is disabled because DC was shocked by the number of requests. On Tuesday morning, in despair bought proxy protection on $ 100 a day until Thursday morning. On Wednesday, Google (a lot of Google) and moved to an expensive hosting service with protection against DDoS. These were not the best 5 days of my life.

Maybe I did something wrong, but I was surprised. I hope you have not napping will catch. Good luck! =)
Views: 458 | Added by: w1zard | Rating: 0.0/0
Total comments: 0
Имя *:
Email *:
Код *: