摘要
DDOS主要是借助于客户端与服务器端技术,使处于不同区域的多个计算机联合起来,对其他区域的一个或多台计算机进行控制,然后利用这些计算机对目标实施攻击。DDOS攻击是网络安全防范难题,其特点是隐藏性强、攻击范围广。DDOS攻击的目的有2个:一是消耗网络带宽资源;二是消耗服务器系统资源。SYN Flood和UDP Flood是流量最大的两种攻击类型。源端防御可以从出口过滤及DWARD、COSSACK几个方面入手;中端防御指的是在DDOS发起攻击的途中采取的有效的防范措施;容忍性及主机系统的增强和提高,网络安全性过滤为拒绝服务终端的防御对策技术的主要方面。
DDOS(Distributed Denial of Service), mainly by the use of client-side and server-side technology, combines multiple computers in different areas, to control one or more computers in other areas. These computers are then used to attack the target. DDOS attack is a great challenge for network security, and its main features are strongly hidden and widely spread. The two main purposes of DDOS attack are to consume the resources of network bandwidth and to consume the resources of server system. SYN Flood and UDP Flood are two main types of attack with maximum flow. The source-end defense can start from exit filtering and DWARD and COSSACK. The middle defense refers to the effective precautionary measures taken on the way of DDOS attack. The strengthening of tolerance, the improvement of the host system and the network security filtration are the main terminal defense techniques for DDOS.
作者
张鹏骞
ZHANG Pengqian(Children's Hospital Of Hebei Province,Shijiazhuang,Hebei 050000,China)
出处
《衡水学院学报》
2018年第3期1-4,共4页
Journal of Hengshui University
