IDGlobal teaches you how to judge whether the website server is attacked by CC?

What is a CC attack? The CC attack is to use the continuous sending of connection requests to the website to cause a denial of service. The attacker continuously sends a large number of data packets to the victim host through the proxy server or broiler, causing the resource of the other party's server to be exhausted until it crashes.

The main working principle of CC attack is to consume resources. This depends on the type of attack, whether the packet capture analysis is through multiple IPs, and the page is refreshed. If it is, this is the most typical CC attack. If the cc attack your website cannot be opened, there will be a specified resource exhaustion, which will cause the website to fail to open or load slowly. You can judge for yourself, it is one of the following four situations.

One, CPU exhausted

Hackers use a large number of broilers to refresh the dynamic pages of your website, resulting in a lot of concurrency, resulting in 100% CPU directly, and the website running on the server will be slow, or even unable to open.

Second, memory exhaustion

A large number of dynamic requests by hackers to refresh your website will generate a lot of memory, and when the memory is full, it will cause problems such as slow opening of the web page.

Three, disk IO read and write is super high

We all know that the IO read/write rate of each type of disk is limited. Like SSD disk, it is generally about a few hundred MB. Hackers use upload and download files to continuously upload and download files. Disk resources are full, but once the IO is full , then the normal reading and writing will not work properly, which will directly cause the website to fail to open, or the opening will time out.

4. Consume bandwidth resources

Now the general cloud server configuration is 5M 10M exclusive bandwidth, but this bandwidth is like ants shaking elephants for CC attacks. Hackers use a large number of broilers around the world to easily hit 5G 10G Even hundreds of gigabytes of traffic, and some service providers have an upper limit on the bandwidth on each cloud server, once the inflow traffic exceeds 5G, they will directly pull the IP of the server into the black hole to ensure the stability of the overall network Sex, as we say, is to unplug the network cable. IP can't get in, and the website can't be opened naturally.

How to defend against CC attacks?

You can use IID (IDGlobal)High-defense CDN shares and filters attack pressure. High-defense CDN achieves defense by dispersing attacks through multiple distributed high-defense nodes.