Shulou(Shulou.com)06/01 Report--

This article mainly explains "how the server protects against DDOS attacks". The content of the explanation is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "how the server protects against DDOS attacks".

1. Enhance the TCP/IP stack of the operating system

Win2000 and Win2003, as server operating systems, have a certain ability to resist DDoS attacks, but they are not enabled by default. If enabled, they can resist about 10000 SYN attack packets, and only hundreds if they are not enabled.

2. Adequate network bandwidth guarantee

Network bandwidth directly determines the ability to resist attacks. If there is only 10m bandwidth, it is difficult to resist current SYNFlood attacks no matter what measures are taken. At present, it is necessary to choose at least 100m shared bandwidth, and the best thing is to hang it on 1000m backbone. However, it should be noted that the network card on the host is 1000m does not mean that its network bandwidth is gigabit. If it is connected to a 100m switch, its actual bandwidth will not exceed 100m, and even if it is connected to 100m of bandwidth, it does not mean a 100m bandwidth, because network service providers are likely to limit the actual bandwidth to 10m on the switch, which must be made clear.

3. Turn the website into a static page

A large number of facts have proved that making the website into a static page as much as possible can not only greatly improve the ability to resist attacks, but also bring a lot of trouble to hackers, at least so far the overflow of HTML has not appeared, take a look! Sina, Sohu, NetEase and other portals are mainly static pages, if you do not need dynamic script calls, then get it to another separate host, so as not to involve the main server in the event of attack, of course, it is OK not to do some database call scripts appropriately, in addition, it is best to deny access to agents in scripts that need to call the database. Because experience has shown that 80% of using agents to visit your site is malicious.

Thank you for your reading. the above is the content of "how the server protects against DDOS attacks". After the study of this article, I believe you have a deeper understanding of how the server protects against DDOS attacks, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.