Many Internet companies choose high defense servers instead of ordinary servers, because high defense servers are significantly better than ordinary servers in terms of configuration and network resources. More importantly, their ability to defend against network attacks is stronger than that of ordinary servers. Below is how a high defense server defends against network attacks:
1. Regular scanning
Scan the existing main network nodes on a regular basis, check for possible security vulnerabilities, and fix newly found vulnerabilities promptly.
2. Configure the firewall at the backbone node of the high defense server
Installing a firewall can effectively resist DDoS attacks and other attacks. When an attack is detected, it can be redirected to some unimportant sacrificial hosts, so that the real hosts are protected from the attack.
3. Make full use of network equipment to protect network resources
When a company uses load balancing equipment such as routers and firewalls, it can effectively protect the network. In this way, when one router is attacked, the other takes over immediately, which reduces the impact of DDoS attacks to the greatest extent.
4. Filter unnecessary services and ports
Filter fake IP addresses on the router. Open only the service ports that the high defense server actually uses. Close all other ports or block them on the firewall.
5. Limit SYN/ICMP traffic
Users should configure the maximum SYN/ICMP traffic on the router to limit the highest bandwidth that SYN/ICMP packets can occupy. In this way, when a large amount of SYN/ICMP traffic exceeding the limit appears, it means that this is not normal network access but a hacker intrusion.
6. Filter all RFC1918 IP addresses
RFC1918 IP addresses are the IP addresses of internal networks. They are not the fixed IP addresses of a particular network segment, but address ranges reserved for internal use on the Internet, and they should be filtered out. The purpose is not to filter the access of internal employees, but to filter the large number of fake internal IPs forged during an attack, which can also reduce DDoS attacks.
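
The checks in steps 5 and 6, written out as an added Python example (not code from the original article or from any product): it drops RFC1918 source addresses seen on the Internet-facing side and reports the seconds in which SYN/ICMP packets exceed a configured limit. The record format, the function names and the limit of 5 packets per second are assumptions, and the sample traffic is constructed.

```python
import ipaddress
from collections import Counter

# The three private IPv4 ranges reserved by RFC 1918.
RFC1918_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr: str) -> bool:
    """True if addr is an IPv4 address inside one of the RFC 1918 ranges."""
    ip = ipaddress.ip_address(addr)
    return ip.version == 4 and any(ip in net for net in RFC1918_NETS)

def audit_ingress(packets, syn_icmp_limit):
    """packets: iterable of (second, src_ip, kind) records seen on the
    Internet-facing interface (assumed format); kind is "SYN", "ICMP" or "OTHER".
    Returns (spoofed_sources, over_limit_seconds)."""
    spoofed = Counter()
    per_second = Counter()
    for second, src, kind in packets:
        if is_rfc1918(src):
            # Step 6: a private source arriving from the Internet is forged.
            spoofed[src] += 1
            continue  # dropped, so it does not count toward the rate below
        if kind in ("SYN", "ICMP"):
            per_second[second] += 1
    # Step 5: seconds whose SYN/ICMP packet count exceeds the configured maximum.
    over = sorted(s for s, n in per_second.items() if n > syn_icmp_limit)
    return dict(spoofed), over

# Constructed sample traffic (documentation and private addresses only).
SAMPLE = (
    [(0, "198.51.100.7", "SYN"), (0, "203.0.113.9", "ICMP"),
     (0, "10.1.2.3", "SYN"), (0, "172.16.5.5", "SYN"),
     (0, "172.32.0.1", "OTHER")]          # 172.32.0.1 is outside 172.16.0.0/12
    + [(1, f"203.0.113.{i}", "SYN") for i in range(1, 9)]
    + [(1, "192.168.0.10", "ICMP"), (1, "192.168.0.10", "ICMP")]
)

if __name__ == "__main__":
    spoofed, over = audit_ingress(SAMPLE, syn_icmp_limit=5)
    print("dropped RFC1918 sources:", spoofed)
    print("seconds over SYN/ICMP limit:", over)
```

The explicit range list is used instead of `ipaddress`'s `is_private` attribute because `is_private` also covers loopback, link-local and other reserved ranges beyond RFC1918.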