Shulou(Shulou.com)05/31 Report--

DDOS traffic attack analysis and what is the solution, I believe that many inexperienced people are helpless about this, for this reason this article summarizes the causes and solutions of the problem, through this article I hope you can solve this problem.

From the beginning of 2019 to June today, it has been more than half a year, DDOS traffic attacks are more and more frequent, in February when a new type of DDOS attack network was exposed, using the latest vulnerabilities, including Microsoft's recent collection of remote desktop vulnerabilities, using these vulnerabilities to form an attack network. DDOS attacks ranged from dozens of gigabytes to hundreds of gigabytes of traffic, and university websites and some small and medium-sized enterprise websites were also attacked by botnets.

According to SINE Security, from the currently known traffic attacks, the university website in the United States was attacked and suffered a total of more than 20 traffic attacks. The website server was paralyzed for at least a few hours. Some internal office systems in the university were not affected by the traffic attack. The Philippine Public Welfare Alliance website was severely attacked with 500G traffic packets per second, resulting in the website being forced to shut down for 12 hours. The specific reason for the attack is unknown. Also in March of this year, foreign Facebook sites were attacked by traffic, and users could not log in, some of which were more serious. There are also many cases of DDOS traffic attacks in China. Some online education websites, university enrollment websites, Baidu promotion websites, chess pai games, BC platforms are also suffering from more and more traffic attacks.

According to the data, China is the country with the most DDOS traffic attacks, China is the most attacked by DDOS, the second place is the United States, and Hong Kong. The peak of DDOS attacks is in late March of 2019, and the least traffic attacks are in January. DDOS attack types are udp flood attack, http attack, icmp attack, tcp flood,ACK attack. The attacker's system type is also mostly linux. DDOS traffic attack sources, the first is the United States server, Dutch server, Russian server.

As can be seen from the above statistical chart, the number of Linux hosts is far greater than that of Windows hosts, accounting for 95.71 percent in 2019, while Windows hosts rose to 4.29 percent, most people will feel that Windows hosts have been welcomed, in fact, these are some external hardware based on Windows systems, some attackers use weak passwords and system vulnerabilities to invade these hardware, and use them as broilers.

Analysis of Domestic DDOS Traffic Attack Data

According to SINE safety detection statistics, there are more than 200 DDOS broiler control terminals in each month in the first half of 2019 in China, and very few of them are controlled at home. Most broiler control terminals are abroad, and foreign servers are used, such as Taiwan, South Korea, Japan, Philippines and Cambodia. In China, the control terminals are distributed in Jiangsu Province and Guangdong Province, and there are many telecommunication lines. In the first half of 2019, the number of attacks by broilers is about 200,000 per month, and the bandwidth of each broiler is between 2- 10M, some reaching 50- 100M. Broilers are distributed in Guangdong Province, Zhejiang Province, Jiangsu Province, Fujian Province and Henan Province, with the most telecommunication lines.

Analysis of DDOS Attack Types

NTP traffic attack, ACK traffic attack, Memcached cache attack, DNS traffic attack, SSDP reflection traffic attack, the use of these attacks in Shandong Province, Jiangsu, Guangdong, line operators are also telecommunications, Unicom. Through the above DDOS traffic analysis, it can be concluded that in the first half of 2019, it is still affected by DDOS traffic attacks. DDOS has not been able to get a better solution, nor can it completely solve this situation. Of course, there will be attacks if there is competition. The domestic traffic attacks are the most, and some chess and BC platforms are the main targets of attacks.

After reading the above content, do you have a grasp of DDOS traffic attack analysis and what is the solution? If you still want to learn more skills or want to know more related content, welcome to pay attention to the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.