ECS anti mining

1. In fact, the core problem of DDoS is that the cost of initiating DDoS is very low, while the cost of protection is very high. As far as I know, there should be more than 200g DDoS attacks in China this year. Most of the domestic companies are unable to withstand, of course, there is no deep hatred or huge business purpose, and they will not launch attacks of such scale. But at present hang up an ordinary website has a few G can, attack cost only a few hundred, protection may need dozens of times, some may not be able to defend live. Before my personal website was DDoS, the other side on a g, and then I was unplugged. Many IDC export just a few g, a dozen to hang up, a few times down, and then they let you move out of the computer room. It seems that the protection provided by Alibaba cloud is 5g. The building owner has been attacked by a black hole. I feel that the traffic attacking you should exceed 10g. Since Alibaba cloud publicly announced that it would provide 5g free DDoS protection, several other domestic cloud protection manufacturers have basically erased the parameters of DDoS protection and dare not make a positive comparison. You can learn about the parameters and prices of anananbao and accelerator. DDoS is really a big threat to the Internet. Protecting DDoS is not as simple as sealing IP understood by the building owner. To seal the traffic of this IP can only be sealed at the source of attack at the end of telecom operators. If the operator is not blocked, the attack traffic will flood your server address like a flood. IDC and alicloud can't stop these traffic from flowing to them. In any case, the traffic is pouring into IDC's compound, and the next goal is to rush to a door. IDC either cleans up the traffic and keeps the website under attack normal access, or it has a black hole. DDoS protection is to analyze the normal access and malicious attacks in these floods. The cleaning capability is limited. Alibaba cloud provides 5g. If it exceeds 5g, it will be a black hole. The unlimited cleaning cost is very high, and it will also affect other Alibaba cloud users< In addition, the owner may have misunderstood the usability. In fact, when your website was attacked, the virtual machine was still working, but the network was blocked.

2. Cloud computing
"cloud" is a metaphor of the Internet. "Cloud computing" is to use the Internet to access applications, data, or services that are stored or run on remote servers
the cloud is also hierarchical. Any company that provides its services on the Internet can be called a cloud computing company. According to NIST's authoritative definition, cloud computing has SPI, namely SaaS, PAAS and IAAs
Infrastructure - as-a-service,
platform - as-a-service,
software - as-a-service
infrastructure is at the bottom, platform is in the middle, and software is at the top. Other "soft" layers can be added on top of these layers.

3.

What kind of configuration is this? Processing power is weak, memory is small, disk is very small (disk IO is still very beautiful, sorry, I still don't have the impulse to make fun of it), bandwidth is small (the maximum download speed is 120KB / s). It doesn't sound like it's going to work. Not really, but its advantages:

no electricity, 24 * 365 online. Even the smallest computer unit, blackberry pie, needs 5W

Last of all, I won't tell their ordinary people easily. Well, the uplink bandwidth of Alibaba cloud is not limited (to be exact, it is a very loose limit independent of the downlink bandwidth). What does that mean? It means that the download speed is very fast

4.

1. Different supply and deployment times:

virtual hosts - days to weeks. Cloud server - instant, can be completed in a few minutes, can be deployed with one click, can also install the operating system

2, different security and reliability

virtual host - General: high failure rate of renting white card server, basically no ARP, Trojan horse and DDoS prevention ability, basically no standby machine and data backup service

cloud server - high: built in ARP prevention, large-scale improvement of DDoS anti attack capability; Share the performance and reliability of brand enterprise server and hardware virtualization, with built-in ha; Provide backup, snapshot, data backup and other fast recovery measures

< H2 > extended data:

features of cloud server:

1. Elastic expansion, upgradable configuration and pay on demand

2. Simple and efficient, no need to purchase machines in advance, ready to use, rapid business deployment

3. Independent operating system, isolation of hardware resources + exclusive bandwidth

4. Centralized remote management platform + multi-level business backup

characteristics of cloud virtual host:

1. The number of site connections increases linearly with the increase of node servers, breaking through the limit of the number of single site connections

When the load of a node is too high, the cluster will automatically spread the excessive load to other nodes, which can effectively resist the attack of hackers

3 when a site on a node cannot be accessed, the access of the site will be automatically transferred to the same site of the next node, thus effectively avoiding the occurrence of single point of failure

5. The function of security group is not used to defend against CC attack
if you want to do defense, you can buy cloud knight, and ECS comes with cloud shield, which can prevent CC attacks.

6. ECS is a kind of invisible function λ- Driver refers to the defense and attack ability of the body completely with your own thoughts. For example, if you want to protect yourself, it will form an invisible protective film. As long as you want to let the bullet fire, it will fire, but it seems to have a strong concentration and mental power

7. Installation of guardian God, intrusion prevention system and artificial security reinforcement can prevent technicians from entering.

8. VPS is a virtual server built by using virtual technology to divide a part of memory, hard disk and bandwidth on a physical server, while cloud server is a part similar to an independent host divided by using virtual technology on a group of cluster servers, Because VPS runs on a physical server, if the physical server fails, all the above VPS will be affected and cannot be used normally. The cloud server runs in a cluster server, Every machine in the cluster will have an image backup of the cloud server. Even if one or several machines fail, the normal access of the cloud server will not be affected. In contrast, the cloud server is more secure than the traditional VPS, Stable. Each user's website is different, so there are different requirements for cloud servers. There is no way to directly judge whether alicloud is suitable for you. So it is recommended to choose the one with the best cost performance according to your own situation

9.

The security settings of the cloud server mainly include the following important aspects:

1. The first is the user management of the server. Many attacks and crackdowns are aimed at the remote login of the system. After all, after getting the login user, you can enter the system for operation, so the first thing to do is to prohibit the remote login of the root super user

2. Change the default port of SSH to other uncommon ports. You may not know that our server is actually being scanned by many scanning tools every day, especially for the SSH default port 22 of Linux server. After the scanning tool scans port 22, it may try to crack and log in. Modifying the default port of SSH can rece the probability of scanning and violent login. In addition, you can also use programs such as fail2ban to prevent SSH from being brutally cracked. The principle is to disable the login of that IP after the number of failed login attempts

3. SSH is changed to login with a key, so you don't have to worry about brute force cracking, because the other party can't have your key, which is much safer than password login

Be sure to regularly check and upgrade your website programs and related components, and timely repair those major known vulnerabilities. There are also many crawler robots on the Internet scanning various websites every day, trying to find system vulnerabilities. Even if you have done a good job in the server user rights management and login protection, it is still possible for you to be hacked in the website program

5. In addition, if multiple website systems (blog + enterprise official website) are running on < EM > cloud server < / EM >. I recommend using the docker container to isolate the running environment and run each program in a separate container, so that even if one of the website programs on the server is cracked and intruded, it will be limited in the intruded container and will not affect other containers or the system itself

10. Flexible web hosting can be understood that the achievement is well configured in the environment. You can upload your files directly through FTP, and then you can access them, only with the permission of FTP
the ECS host can be understood as a server, which can log in to the host remotely and build its own environment.