DDoS common attack modes, DDoS specific attack modes
What is a botnet?

Botnet

A botnet is a one-to-many control network formed between a controller and infected hosts, created by infecting a large number of hosts with bot programs through one or more propagation channels.

The concept of a botnet involves several key terms. "Bot" is short for "robot" and refers to the program code that implements the malicious control function. A "zombie computer" is a computer on which a bot has been implanted. The "control server" is the central server used for control and communication; in a botnet controlled over the IRC (Internet Relay Chat) protocol, it is the server that provides the IRC chat service.

First, a botnet is a controllable network. It is not a network with a topological structure in the physical sense, but it does have a certain distribution: as bot programs continue to spread, zombie computers in new locations keep joining it.

Second, this network is formed by malicious means. The methods used to spread viruses and worms, such as active vulnerability attacks and email viruses, can all be used to spread botnets. In this sense, the malicious bot program is also a virus or worm.

The last point, which is also the most important feature of botnets, is that they can carry out the same malicious behavior one-to-many, such as launching a distributed denial of service (DDoS) attack on a target website at the same time or sending large amounts of spam. This one-to-many control relationship lets attackers efficiently control a large number of resources at very low cost, which is the fundamental reason why the botnet attack mode has been favored by hackers in recent years. A botnet acts as an attack platform when malicious acts are carried out, which makes it different from simple viruses and worms, and also different from ordinary Trojan horses.

A botnet is a group of computers on the Internet controlled by hackers. It is often used to launch large-scale network attacks, such as distributed denial of service (DDoS) attacks and massive spam campaigns. At the same time, the information stored on these controlled computers, such as bank account passwords and social security numbers, can be "accessed" by the hackers at will. Botnets are therefore a serious hidden danger both for the safe operation of the network and for the protection of user data, and the threat they pose has become an international concern. However, botnets are very difficult to find, because hackers usually control the "zombie hosts" scattered across the network remotely and covertly, and the users of these hosts are often unaware of it. Therefore, the botnet is the most popular criminal tool for hackers on the Internet.

For netizens, it is very easy to be infected with a "zombie virus". Pictures of beautiful women posing and all kinds of interesting games lure netizens into clicking, but nothing appears to happen after the click. It turns out that everything is just a scam, intended to lure netizens into downloading problematic software. Once this malicious software is on the netizen's computer, the remote host can give orders and control the computer.

Experts say that hundreds of thousands of zombie computers are added every week on average, and they are made to carry out various illegal activities under the command of remote hosts. In many cases, the owners of zombie computers simply do not know that their machines have been selected and are at the mercy of others.

The emergence of botnets is also due to the increasing popularity of high-speed Internet access at home. High-speed access can handle (or create) more traffic, and households with high-speed access are used to leaving their computers on for long periods. Only when the computer is turned on can the remote host give orders to the zombie computer.

Network experts said: "Although important hardware facilities attach great importance to anti-virus and anti-hacker protection, the real security vulnerability of the network comes from home users. These self-employed people lack the knowledge of self-protection, which makes the network full of mines and poses a threat to other users."

What if the server is attacked by traffic?

There are two kinds of DDoS attacks: either a large volume of data and traffic overwhelms network devices and servers, or a large number of deliberately incomplete requests, which can never be completed, quickly exhaust server resources. The key difficulty in effectively preventing DDoS attacks lies in the inability to distinguish attack packets from legitimate packets: the typical "signature" pattern matching carried out by an IDS is not effective here, and many attacks use source IP address spoofing to avoid source identification, so it is difficult to find the specific attack source.

When your website traffic suddenly increases, there is a traffic attack of 10g or 10G.
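An added detection example (not from the original page): it separates the two attack kinds described above using aggregate signals, and reports the busiest source's share to show why per-source counting fails when sources are spoofed. The record format, thresholds, function names and sample windows are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

def classify_window(conns, window_s, baseline_bps,
                    volume_factor=5, half_open_limit=0.5):
    """Classify one window of (src_ip, tcp_state, bytes_received) records.

    Thresholds are illustrative assumptions; tune them against real baselines.
    """
    if not conns:
        return {"labels": ["normal"], "bps": 0.0,
                "half_open_ratio": 0.0, "top_source_share": 0.0}
    bps = sum(b for _, _, b in conns) * 8 / window_s
    states = Counter(state for _, state, _ in conns)
    # SYN_RECV: handshake started but never completed (an incomplete request).
    half_open_ratio = states["SYN_RECV"] / len(conns)
    # Share of the busiest source. It stays tiny when sources are spoofed,
    # so a per-source threshold alone would not flag the flood.
    per_source = Counter(src for src, _, _ in conns)
    top_source_share = max(per_source.values()) / len(conns)
    labels = []
    if bps > volume_factor * baseline_bps:
        labels.append("volumetric")
    if half_open_ratio > half_open_limit:
        labels.append("incomplete-requests")
    return {"labels": labels or ["normal"], "bps": bps,
            "half_open_ratio": half_open_ratio,
            "top_source_share": top_source_share}

def _src(i):
    # Constructed addresses from 198.18.0.0/15 (reserved for benchmarking).
    return str(ipaddress.IPv4Address("198.18.0.0") + i)

# Constructed 10-second windows, not real traffic.
NORMAL = [(_src(i % 5), "ESTABLISHED", 50_000) for i in range(20)]
HALF_OPEN = ([(_src(i % 10), "ESTABLISHED", 50_000) for i in range(100)]
             + [(_src(1000 + i), "SYN_RECV", 60) for i in range(900)])
VOLUME = [(_src(i), "ESTABLISHED", 10_000_000) for i in range(200)]

if __name__ == "__main__":
    for name, window in (("normal", NORMAL), ("half-open", HALF_OPEN),
                         ("volume", VOLUME)):
        print(name, classify_window(window, window_s=10,
                                    baseline_bps=1_000_000))
```

In the half-open window the busiest source accounts for only 1% of connections while 90% of connections never complete the handshake, so the aggregate ratio flags the attack where a per-source limit would not.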

You can choose a server that is resistant to traffic attacks, such as raksmart, which provides a DDoS high-security server.