【What are the principles of DDoS attacks and CC attacks? What's the difference? 】¶
What are the principles of DDoS attacks and CC attacks? What's the difference?¶
💻Collection search tools + analysis🔧¶
In recent years, with the rapid development of the mobile Internet, the number of network attacks has increased year by year, and attacks on websites have become more and more frequent. Among the many attack methods, the most common ones should be CC attacks and DDoS attacks, especially Some websites with poor protection capabilities are easily paralyzed once attacked, causing unnecessary trouble.
Author: Admin • Published by:2023-11-13 01:57 • Column
In recent years, with the rapid development of the mobile Internet, the number of network attacks has increased year by year, and attacks on websites have become more and more frequent. Among the many attack methods, the most common ones should be CC attacks and DDoS attacks, especially Some websites with poor protection capabilities are easily paralyzed once attacked, causing unnecessary trouble. So what is the difference between the principles of DDoS attacks and CC attacks? This article will introduce them to you.
CC attack
The previous life of CC was an attack program called fatboy, which was developed by hackers to challenge an anti-DDoS device. It should be regarded as an application layer DDoS, which occurs after the TCP 3-way handshake is completed. The IPs it sends are
actually real. However, DDoS at the application layer is more powerful than DDoS at the network layer, and most of the current commercial anti-DDOS devices are better at defending against DDoS at the network layer. There is currently no effective means to deal with DDoS attacks at the application layer. In fact, the attack principle of CC is relatively simple, which is to continuously issue requests to some resource-consuming application pages, thereby consuming server resources. In web applications, operations such as querying databases, reading and writing hard disk files, etc. are relatively resource-consuming. .
DDoS attack
The principle of DDoS attack is to use network overload to interfere with or hinder normal network communication, and then apply for a large number of requests to the server, causing the server to be overloaded. In this way, normal data requests are blocked, that is, normal requests made by normal visitors to the server are blocked. Several common DDoS attacks include ICMP
flod, SYN flood, and UDP flood. SYN
flood is the most common attack method. It exploits flaws in the design of the TCP protocol and creates a lot of fake attacks. IP source address, and then send a large number of SYN packets to the server, and then the server will return ACK/SYN packets, but the IP is forged, so the server will not receive a response, and will try 3-5 times and wait for a SYN time
. If it times out, the connection will be dropped.
The attacker sends a large number of SYN requests with such forged source addresses. The server will consume a lot of resources to process such semi-connections and also retry SYN/ACK for these requests. The final result is that the server has no time to deal with normal requests. The connection request resulted in a denial of service. This is the principle of DDoS attack.
The difference between the two is:
CC attacks simulate users attacking some resource-consuming web pages, while DDoS attacks target IPs. Although the two attack methods are different, the consequences are that normal users cannot access them. If the server does not take defensive measures, it will be blackhole by the server operator if it is attacked by a small attack. The blackhole time of multiple attacks will become longer and longer, and a large number of users will be lost.
The article comes from the Internet: What are the principles of DDoS attacks and CC attacks? What's the difference?
Original article, author: Admin, please indicate the source for reprinting: https://secvery.com/11644.html