Is aggressor OK it is more difficult that through rebounding the technology makes we are atttacked to DDOS with defence? ? Use rebound the server rebounds the pluvial bag of DDOS, that is to say, wrap through sending many deceit to request data (origin address is Victim, fall victim server, or target server) give the many server on Internet group, and these servers group many respondent bag will be sent to give Victim after receiving a request. The result is the pluvial data that is used at attack so flow by many server place attenuant, the assemble is in finally to be the flood in the victim, make victim more keep apart attack flood to flow hard, and more dog with Traceback hard the origin that the technique goes finding the flood to flow.

Atttack in distributed DOS (DDOS) in, aggressor inbreaked beforehand a large number of servers, embedded on these servers DDOS atttacks a program, the network that links these servers that are inbreaked next transmits force to launch attack. Use many server to started attack to increase the strength of attack not only, and be hard to be on guard more.

Graph 1: The structure that DDOS atttacks

The graph showed before the structure that DDOS atttacks: A lead plane, advocate server (Master) , action is to send control message to give inbreak beforehand and of program of embedded already DDOS from the server group (Slave) , control from the server group the attack that launchs pair of target servers. From the server group it is the source address that produces tall size forge or random network data flows, shed these data send target server. Because the source address of data shedding is forged, increased the difficulty that find out.

Use thousands of from the server not only can additional the difficulty that find out is increased (because identify a large number of different source hard, the road with need many inquiry by implement) , and huge block up the action that needs to adopt after be found out successfully (because this wants,contact with many network manager, the network filter with many installation) .

Graph 2: Use rebound the structure that undertakes DDOS is atttacked

Consider careful aggressor to be able to rebound through using now server (Reflector) , the better attack that organizes them. Rebound the server is to point to, can produce a main engine that responds to datagram after receiving datagram of a request. For example, all WEB servers, DNS server, reach a road by implement it is to rebound server, because they are met,respond to SYN ACKs or RST message to SYN message or other TCP message, and the datagram that to a few IP message responds to ICMP datagram overtime or destination cannot amount to a message. And the datagram that aggressor can use these responses launchs DDOS attack to target server.
Previous12 Next

Previous:Primary technology summarizes the hacker
Next：Building overall situation to install collectivity is to be on guard DoS attack