DDoS attack of mine pool
1. First, right-click [run] or "Win + R" in the [start] button to open the run box
2. Then, enter "CMD" in the run box, and then click OK
3. In the "command prompt", enter "ARP - A & quot;, enter. And choose the IP you want to attack; arp-a" This step is to see the current LAN device connection status
4, input "ping - L 65500 192.168.1.103 - t" and enter- L is the size of the transmit buffer and 65500 is its limit- Suppose I want to attack the server with IP 192.168.1.103, this is DDoS attack
5. If you want to stop the attack, you need to press "Ctrl + C" on the keyboard to end
{rrrrrrr}
DDoS term explanation, Distributed denial of service (DDoS) attack means that with the help of client / server technology, multiple computers are combined as an attack platform to launch DDoS attack on one or more targets, thus doubling the power of denial of service attack
with first-class attack speed and powerful concealment performance, DDoS integrates the advantages of all attack software on the market and becomes the most popular attack mode. Next, this article will briefly introce the three most popular DDoS attacks
1. DOS uses its own computer to attack the target, and it is also a one-to-one relationship. DDoS is a new attack mode based on DoS attack. It controls hundreds of broilers to form a DDoS attack group and attack the target at the same time. DOS is a denial of service attack, while DDoS is a distributed denial of service attack; Dos and DDoS are both a way to attack target server and network service
2. Theoretically, no matter how large the resources of the target server and network service are, and how large the bandwidth, memory and CPU are, dos and DDoS attacks cannot be avoided. Therefore, no matter how large the resources are, there is a limit value. For example, a server can process 1000 packets per second, and send 1001 packets to the server through DoS attacks, At this time, the server can't run normally, so we need to expand the capacity of the server
Technically, dos and DDoS attack the bandwidth and connectivity of the target server, making the bandwidth resource of the target server exhausted and unable to run normallyextended information:
hacker attack means can be divided into non-destructive attack and destructive attack. Generally, non-destructive attack is to disturb the operation of the system, and does not steal system data. It usually uses denial of service attack or information bomb; The purpose of destructive attack is to invade other people's computer system, steal confidential information of the system and destroy the data of the target system
reference source: hackers' Web links
1. TCP flood attack is one of the most popular DOS (denial of service attack) and DDoS (distributed denial of service attack), which is a way to take advantage of TCP protocol defects
a large number of forged TCP connection requests are sent, and the first handshake packet (syn packet) is sent from the commonly used fake IP or IP segment, and the attacked server responds to the second handshake packet (syn + ACK packet). Because the other party is a fake IP, the other party will never receive the packet and will not respond to the third handshake packet
causes the attacked server to maintain a large number of Syns_ "Half connection" in recv status, and it will try again. By default, it will respond to the second handshake packet five times, fill the TCP queue waiting for connection, and run out of resources (CPU full load or insufficient memory), so that normal business requests can not be connected
2. Reflective attack (DRDOS)
reflective DDoS attack is a new variant, which is different from DOS and DDoS. This method relies on sending a large number of packets with the victim's IP address to the attacking host, and then the attacking host makes a large number of responses to the IP address source, forming a denial of service attack
hackers often choose services whose response packets are much larger than the request packets to use. Only in this way can they exchange smaller traffic for larger traffic, and obtain several times or even dozens of times of amplification effect, so as to make a big difference. Generally speaking, services that can be used to amplify and reflect attacks include DNS service, NTP service, SSDP service, chargen service, memcached service, etc
3. CC attack (HTTP flood)
HTTP flood, also known as CC attack, is an attack against web services in layer 7 protocol. By sending a large number of HTTP requests to the web server to imitate the website visitors to exhaust their resources. Although some of these attacks have patterns that can be used to identify and block them, they cannot be easily identified. Its great harm is mainly manifested in three aspects: easy to initiate, difficult to filter and far-reaching influence
4, direct botnet attack
botnet is commonly known as "broiler", now "broiler" is no longer limited to traditional PC, more and more intelligent Internet of things devices enter the market, and the security is far lower than PC, which makes it easier for attackers to obtain a large number of "broiler"
is also easier to launch botnet attacks directly. Depending on the type of Botnet, attackers can use it to perform a variety of attacks, not only on websites, but also on game servers and any other services
DOS attack uses some server program bugs, security vulnerabilities, and architecture defects to attackand then sends abnormal requests to the server. The server is paralyzed because it can't judge and process malicious requests, resulting in denial of service. The above are the types of DDoS attacks that Mohist security believes have appeared at this stage. Of course, they may not be so comprehensive. The types of DDoS attacks are complex and constantly evolving. The current defense is also enhanced with the attack methods
It costs a lot