What is a CC attack? CC attack, translated as Challenge Collapsar in English, is a type of DDOS attack and is one of the most common methods of network attacks. It mainly targets the 7th layer protocol of web services and launches attacks through port scanning programs that search for anonymous HTTP proxies or SOCKS proxies on the Internet to send HTTP requests to the target. CC attacks are favored by many hackers due to their fast effectiveness, low cost, and difficulty to trace. What should we do when our website is under a CC attack? Today, Moker Security will briefly discuss the characteristics of CC attacks and how to defend against them.
Characteristics of CC network attacks and how to defend against CC attacks
I. What are the characteristics of CC attacks?
-
The requests of CC attacks are all simulated real and valid requests, so they cannot be rejected.
-
The IPs used to launch CC attacks are real and scattered, making it difficult to trace.
-
The data packets of CC attacks are simulated normal data packets of real users.
-
CC attacks are generally aimed at webpage attacks. The server can be connected and pinged without any problems, but the webpage cannot be accessed.
II. How to defend against CC attacks?
- Use sessions to implement access counters:
Use sessions to create page access counters or file download counters for each IP to prevent users from refreshing pages frequently, which leads to frequent database reads or frequent file downloads to generate a large amount of traffic. (File downloads should not directly use the download address to filter CC attacks in the server code)
- Generate static pages for the website:
A large number of facts have proven that making the website as static as possible can not only greatly improve the ability to defend against attacks but also bring a lot of trouble to hackers' intrusion. For example, portals such as Sina, Sohu, and NetEase mainly use static pages. If you don't need dynamic scripts, you can send them to another separate host to bypass the main server when under attack.
Characteristics of CC network attacks and how to defend against CC attacks
- Enhance the TCP/IP stack of the operating system:
As a server operating system, Win2000 and Win2003 have certain capabilities to resist DDOS attacks. They are generally not enabled by default. If enabled, they can withstand about 10,000 SYN attack packets. For specific operations, you can refer to the official Microsoft website for the operation methods.
- Deploy high-defense CDN protection:
The simplest and most convenient way to defend against CC attacks is to hide the source IP of the server by accessing Moker's high-defense CDN. The high-defense CDN can automatically identify malicious attack traffic and intelligently clean up this fake traffic, redirecting normal visitor traffic to the source server IP to ensure the normal and stable operation of the source server.
Characteristics of CC network attacks and how to defend against CC attacks
Source: https://hostloc.com/thread-983882-1-1.html
(From: Global Hosting Exchange Forum)