Shulou(Shulou.com)06/01 Report--

The purpose of this article is to share with you about how to attack 103.216.154.xx from UDP. The editor thinks it is very practical, so I share it with you. I hope you can get something after reading this article.

First of all, we need to understand a concept of UDP, the Chinese name is the user Datagram protocol, which is simply a connectionless transport layer protocol that provides a simple and unreliable transaction-oriented information transfer service.

The attack principle of UDPFlood

UDPFlood is an increasingly rampant flow attack, and the principle is simple. The common situation is to use a large number of UDP packets to impact DNS servers or Radius authentication servers and streaming video servers. The 100k bps UDPFlood often paralyzes backbone devices on the line, such as firewalls, causing paralysis of the entire network segment. Because the UDP protocol is a connectionless service, in a UDPFLOOD attack, an attacker can send a large number of packets that spoof the source IP address. However, because the UDP protocol is connectionless, as long as a UDP port is opened to provide related services, then the related services can be attacked.

This is because in the TCP/IP protocol hierarchy model, UDP is above the IP layer. The application accesses the UDP layer and then uses the IP layer to transmit datagrams. The header of the IP layer indicates the source and destination host addresses, while the header of the UDP layer indicates the source and destination ports on the host. Therefore, the attack of UDP is easier to call in directly. Now there is a solution. It is written below. Please read on.

In normal applications, the two-way traffic of UDP packets will be basically the same, and the size and content are random and vary greatly. In the case of UDPFlood, a large number of UDP packets for the same target IP appear on one side, and the content and size are relatively fixed. By choosing Guangdong Lilian Technology, our company has now been able to ban large categories of attacks, can run UDP business normally and does not affect the progress of business, and will automatically choose to ban a large number of attacks as soon as it is detected, ensuring that users' business using udp will not be affected.

The above is how to attack the 103.216.154.xx from UDP. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.