- 浏览: 212719 次
- 性别:
- 来自: 深圳
文章分类
最新评论
-
liminshaoye:
为什么我的一次成功之后就不能发送第二次了呢?
Java 使用SMSLib通过串口通讯收发短信 -
sziitjiang:
面试的题目,慢慢研究,还是能学到很多东西
JAVA 面试题 -
sziitjiang:
老大,我百度了一下SMG引擎,把你的博客给百度出来了!
SMG引擎 1.3.0 功能说明 -
jinkunaier:
,受教了!
深入探索SOAP1.1--使用SAAJ1.2.1 -
genggeng:
THX,对我入门很有帮助......
Java 使用SMSLib通过串口通讯收发短信
近日发现DNS bind9.9.1 存在严重的安全漏洞 .
tail -f dns.log 发现大量不同网段ip 请求whbl.com 域名 .打开该网站看了看是个国外新闻网站. 同过日志分析发现攻击者使用了DoS攻击,采用了大量僵死云向我们服务器发起dns请求,请求频率超过2次/秒. 网上查了,有的出来个补丁但是都是针对9.3.2以下版本的.
这些请求占用了带宽.在9.9.1P下服务还挺得住,CPU没升.但请求频繁也耗网络带宽,经过分析编写了反DoS拒绝服务.很好的解决了系统bug .dns垃圾请求被过滤.
原理很简单. 用机器人检测到攻击者ip ,自动拦截填入 blackhole,然后系统自动reload. 则再次请求就被拒绝.有多少僵死,绑定多少,然后咱也吹嘘一番,不怕DoS.哈哈哈
1) 增加blackhole dosip
2)讲请求的目标dns 禁止transfer ,禁止query .虽然禁止了但仍然会传递到父级dns
zone "whbl.com" IN {
type master;
file "fuqit.zone";
allow-update { none; };
allow-query { none; };
allow-transfer { none; };
};
完整的named.conf 如下
options {
directory "C:\WINDOWS\system32\dns\etc";
forwarders {
58.60.188.178;
58.60.188.179;
};
version "DDos SMG 2012";
allow-query { any; };
//allow-query-cache { any; };
allow-recursion { none; };
blackhole {
#SMG Robert added dosips automaticly,donot Remove the follow NOTE
#Robert Start
##DoS
176.31.228.8;
13.104.128.167;
209.105.239.166;
#Robert END
};
};
//DNS
zone "." {
type hint;
file "named.root";
};
// localhost
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "fuqit.net" IN {
type master;
file "fuqit.zone";
allow-update { none; };
};
zone "59.61.37.121.in-addr.arpa" in {
type master;
file "fuqit.local";
allow-update { none; };
};
zone "whbl.com" IN {
type master;
file "fuqit.zone";
allow-update { none; };
allow-query { none; };
allow-transfer { none; };
};
logging {
channel warning
{
file "C:\WINDOWS\system32\dns\log\warning.log" versions 3 size 1240k;
severity warning;
print-category yes;
print-severity yes;
print-time yes;
};
channel general_dns
{
file "C:\WINDOWS\system32\dns\log\dns.log" versions 3 size 1240k;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category default { warning; };
category queries { general_dns; };
};
# Start of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "UBAzaol7wLYvsj/kKDaqlQ==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of rndc.conf
# End of named.conf
部分源码如下:因为挂接的SMG引擎 是java代码 仅供参考
思路在hole中添加一特标记 ##DoS
程序查找该标记 每次检测几组ip ,依次检测更新到named.conf .如果有更新就relaod 否则,休息. 以上代码编写打包测试我用了2个小时左右.
#file:HandleDDoSBindMap.java
package cpgmt;
import com.hotmail.walksing.module.file.Wfile;
import com.hotmail.walksing.module.string.Wregex;
import com.hotmail.walksing.module.string.wsString;
import app.HandleMap;
import app.PPGMain;
import app.Putter;
import app.Admin;
/*******************************************************************************
* HandleDDoSBindMap map request,response
*
* DenyDoS avaiable bind9.91
* parseDNSLog ,find request to whbl.com ,get DoSip ->store bindconf->reload named
* @author runus
* @version 1.0.0
* @date 20120708
*
*/
public class HandleDDoSBindMap implements HandleMap {
/***************************************************************************
* parseDNSLog ,get DoSip ->store bindconf->reload named
* @param p
* @return
*/
public static String dnslogfid=null;
public static String dnsconf=null;
public int mapRequest(Putter p) {
p=new Putter();
p.set("bindReload", PPGMain.props.getProperty("bindReload","rndc reload"));
if(dnslogfid==null){
dnslogfid=PPGMain.props.getProperty("bindlog","");
dnsconf=PPGMain.props.getProperty("bindconf","");
app.PPGMain.echo("MORNITORING dnslogfid {"+dnslogfid+"}");
app.PPGMain.echo("MORNITORING dnsconf {"+dnsconf+"}");
}
String retmsg = null;
String logcmd="tail -5 "+dnslogfid;
retmsg=Admin.exec(logcmd);
String dosIp=parseDoSIP(retmsg);
if(dosIp.length()==0){
try {
Thread.sleep(120000);
return 2;
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
app.PPGMain.echo("----parsed DoSips---\n"+dosIp);
boolean isupdated=setNamed(dnsconf,dosIp);
int rt=0;
String retcode = "2";
if(isupdated){
retmsg=Admin.exec(p.get("bindReload"));
PPGMain.echo("exec "+p.get("bindReload")+"|response===>" + retmsg);
if(Wregex.eregi("result 0|successful",retmsg ))
retcode="2";
else
retcode="3";
p.set("retcode", retcode);
PPGMain.echo("response:" + retcode);
p.set("retmsg", retmsg);
}else{
Wfile.dln("setNamed:"+isupdated);
rt=2;
}
if (Wregex.eregi("^[0-9]{1,}$", retcode)) {
return Integer.parseInt(retcode);
} else {
return -1;
}
}
//08-七月-2012 8:17:48.076 queries: info: client 24.180.162.231#16958 (whbl.com): query: whbl.com IN TXT +E (121.37.61.59)
public String parseDoSIP(String r){
String ip=null;
int st=0,ed=0;
String filter=PPGMain.props.getProperty("bindDoSFilter","whbl\\.com"); //whbl\\.com|xxx\\.net
String ptr=" client ";
if(!Wregex.eregi(filter, r))
return "";
StringBuffer ips=new StringBuffer();
String[] l = r.split("\n");
for(int i=0;i<l.length;i++){
if(l[i]==null||!Wregex.eregi(filter, l[i])) continue;
r=l[i];
st = r.indexOf(ptr);
if(st==-1) continue;
st+=ptr.length();
ed=r.indexOf("#",st);
if(ed>-1){
ip=r.substring(st,ed);
if(ips.indexOf(ip)==-1) ips.append(ip+";\n");
}
}
return ips.toString();
}
public boolean setNamed(String conf,String dosIp){
String s=Wfile.openToString(conf);
int st=0;
String ptr="##DoS";
Wfile.dln("bindconf length:"+s.length());
st = s.indexOf(ptr);
if(st==-1){
Wfile.dln("setNamed::error:: cannot find partner:"+ptr);
return false;
}
StringBuffer b=new StringBuffer();
st+=ptr.length()+1;//skip \n
b.append(s.substring(0, st));
s=s.substring(st);
String[] l=dosIp.split("\n");
for(int i=0;i<l.length;i++){
if(l[i]==null || s.indexOf(l[i])>-1) continue;
b.append(l[i]).append("\n");
}
b.append(s);
//Wfile.dln(s);
Wfile.writeFile(conf, b.toString());
b=null;
s=null;
return true;
}
}
系统配置如下smg3/conf/ppg.properties
cfgJobs=cpgmt.HandleDDoSBindMap:30000,
#DDoS bind Start
bindDoSFilter=whbl\\.com|xx\\.com
bindReload=rndc reload
bindlog=C:/WINDOWS/system32/dns/log/dns.log
bindconf=C:/WINDOWS/system32/dns/etc/named.conf
#DDoS bind End
该脚本支持多filter domain检测 .很容易扩展为自动根据访问频繁的记录进行绑定.
部署完成后,高枕无忧.管你什么dos随便来.
----------------------
以下为广告时间,不要走开,精彩在后头.
本站提供DDNS服务,速度快捷,不会断线.断线瞬间绑定;支持dDoS (防分布式拒绝DoS攻击)
年费:800 ,免安装程序url自动更新.可免7天试用.
网址:www.fuqit.net 不诚勿扰qq站内找
另外:本站提供云支付服务 smg-ves
转载,请保留链接版权 runusws AT gmail.com
广告之后继续...
------------
DoS攻击日志如下:
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:48.395 queries: info: client 108.41.10.44#37760 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:50.364 queries: info: client 108.41.10.44#59190 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:50.535 queries: info: client 108.41.10.44#50452 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:50.598 queries: info: client 108.41.10.44#43158 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:52.364 queries: info: client 108.41.10.44#26214 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:52.535 queries: info: client 108.41.10.44#49879 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:52.582 queries: info: client 108.41.10.44#10113 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:12:04.332 queries: info: client 121.37.61.59#64838 (www.oanda.co
m): query: www.oanda.com IN A + (121.37.61.59)
08-七月-2012 20:12:14.598 queries: info: client 121.37.61.59#64030 (www.oanda.co
m): query: www.oanda.com IN A + (121.37.61.59)
08-七月-2012 20:12:16.332 queries: info: client 74.125.18.158#58000 (www.fuqit.n
et): query: www.fuqit.net IN A - (121.37.61.59)
08-七月-2012 20:12:44.207 queries: info: client 121.37.61.59#53088 (dx.ggsafe.co
m): query: dx.ggsafe.com IN A + (121.37.61.59)
--------------
看到攻击ip 108.41.10.44
smg03 引擎日志执行如下:
INFO | jvm 1 | 2012/07/08 20:15:24 | 2012-07-08 20:15:24 ----parsed DoSips-
--
INFO | jvm 1 | 2012/07/08 20:15:24 | 108.41.10.44;
INFO | jvm 1 | 2012/07/08 20:15:24 |
INFO | jvm 1 | 2012/07/08 20:15:24 | bindconf length:1938
INFO | jvm 1 | 2012/07/08 20:15:24 | 2012-07-08 20:15:24 exec rndc reload|r
esponse===>#rndc reload
INFO | jvm 1 | 2012/07/08 20:15:24 |
INFO | jvm 1 | 2012/07/08 20:15:24 | server reload successful
INFO | jvm 1 | 2012/07/08 20:15:24 | result:0
INFO | jvm 1 | 2012/07/08 20:15:24 |
INFO | jvm 1 | 2012/07/08 20:15:24 | 2012-07-08 20:15:24 response:2
------------
看到108.41.10.44 被拦截
写入成功;到此reload成功. 复观察dns.log该ip被拒绝.至此大功告成.
tail -f dns.log 发现大量不同网段ip 请求whbl.com 域名 .打开该网站看了看是个国外新闻网站. 同过日志分析发现攻击者使用了DoS攻击,采用了大量僵死云向我们服务器发起dns请求,请求频率超过2次/秒. 网上查了,有的出来个补丁但是都是针对9.3.2以下版本的.
这些请求占用了带宽.在9.9.1P下服务还挺得住,CPU没升.但请求频繁也耗网络带宽,经过分析编写了反DoS拒绝服务.很好的解决了系统bug .dns垃圾请求被过滤.
原理很简单. 用机器人检测到攻击者ip ,自动拦截填入 blackhole,然后系统自动reload. 则再次请求就被拒绝.有多少僵死,绑定多少,然后咱也吹嘘一番,不怕DoS.哈哈哈
1) 增加blackhole dosip
2)讲请求的目标dns 禁止transfer ,禁止query .虽然禁止了但仍然会传递到父级dns
zone "whbl.com" IN {
type master;
file "fuqit.zone";
allow-update { none; };
allow-query { none; };
allow-transfer { none; };
};
完整的named.conf 如下
options {
directory "C:\WINDOWS\system32\dns\etc";
forwarders {
58.60.188.178;
58.60.188.179;
};
version "DDos SMG 2012";
allow-query { any; };
//allow-query-cache { any; };
allow-recursion { none; };
blackhole {
#SMG Robert added dosips automaticly,donot Remove the follow NOTE
#Robert Start
##DoS
176.31.228.8;
13.104.128.167;
209.105.239.166;
#Robert END
};
};
//DNS
zone "." {
type hint;
file "named.root";
};
// localhost
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "fuqit.net" IN {
type master;
file "fuqit.zone";
allow-update { none; };
};
zone "59.61.37.121.in-addr.arpa" in {
type master;
file "fuqit.local";
allow-update { none; };
};
zone "whbl.com" IN {
type master;
file "fuqit.zone";
allow-update { none; };
allow-query { none; };
allow-transfer { none; };
};
logging {
channel warning
{
file "C:\WINDOWS\system32\dns\log\warning.log" versions 3 size 1240k;
severity warning;
print-category yes;
print-severity yes;
print-time yes;
};
channel general_dns
{
file "C:\WINDOWS\system32\dns\log\dns.log" versions 3 size 1240k;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category default { warning; };
category queries { general_dns; };
};
# Start of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "UBAzaol7wLYvsj/kKDaqlQ==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
# End of rndc.conf
# End of named.conf
部分源码如下:因为挂接的SMG引擎 是java代码 仅供参考
思路在hole中添加一特标记 ##DoS
程序查找该标记 每次检测几组ip ,依次检测更新到named.conf .如果有更新就relaod 否则,休息. 以上代码编写打包测试我用了2个小时左右.
#file:HandleDDoSBindMap.java
package cpgmt;
import com.hotmail.walksing.module.file.Wfile;
import com.hotmail.walksing.module.string.Wregex;
import com.hotmail.walksing.module.string.wsString;
import app.HandleMap;
import app.PPGMain;
import app.Putter;
import app.Admin;
/*******************************************************************************
* HandleDDoSBindMap map request,response
*
* DenyDoS avaiable bind9.91
* parseDNSLog ,find request to whbl.com ,get DoSip ->store bindconf->reload named
* @author runus
* @version 1.0.0
* @date 20120708
*
*/
public class HandleDDoSBindMap implements HandleMap {
/***************************************************************************
* parseDNSLog ,get DoSip ->store bindconf->reload named
* @param p
* @return
*/
public static String dnslogfid=null;
public static String dnsconf=null;
public int mapRequest(Putter p) {
p=new Putter();
p.set("bindReload", PPGMain.props.getProperty("bindReload","rndc reload"));
if(dnslogfid==null){
dnslogfid=PPGMain.props.getProperty("bindlog","");
dnsconf=PPGMain.props.getProperty("bindconf","");
app.PPGMain.echo("MORNITORING dnslogfid {"+dnslogfid+"}");
app.PPGMain.echo("MORNITORING dnsconf {"+dnsconf+"}");
}
String retmsg = null;
String logcmd="tail -5 "+dnslogfid;
retmsg=Admin.exec(logcmd);
String dosIp=parseDoSIP(retmsg);
if(dosIp.length()==0){
try {
Thread.sleep(120000);
return 2;
} catch (InterruptedException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
app.PPGMain.echo("----parsed DoSips---\n"+dosIp);
boolean isupdated=setNamed(dnsconf,dosIp);
int rt=0;
String retcode = "2";
if(isupdated){
retmsg=Admin.exec(p.get("bindReload"));
PPGMain.echo("exec "+p.get("bindReload")+"|response===>" + retmsg);
if(Wregex.eregi("result 0|successful",retmsg ))
retcode="2";
else
retcode="3";
p.set("retcode", retcode);
PPGMain.echo("response:" + retcode);
p.set("retmsg", retmsg);
}else{
Wfile.dln("setNamed:"+isupdated);
rt=2;
}
if (Wregex.eregi("^[0-9]{1,}$", retcode)) {
return Integer.parseInt(retcode);
} else {
return -1;
}
}
//08-七月-2012 8:17:48.076 queries: info: client 24.180.162.231#16958 (whbl.com): query: whbl.com IN TXT +E (121.37.61.59)
public String parseDoSIP(String r){
String ip=null;
int st=0,ed=0;
String filter=PPGMain.props.getProperty("bindDoSFilter","whbl\\.com"); //whbl\\.com|xxx\\.net
String ptr=" client ";
if(!Wregex.eregi(filter, r))
return "";
StringBuffer ips=new StringBuffer();
String[] l = r.split("\n");
for(int i=0;i<l.length;i++){
if(l[i]==null||!Wregex.eregi(filter, l[i])) continue;
r=l[i];
st = r.indexOf(ptr);
if(st==-1) continue;
st+=ptr.length();
ed=r.indexOf("#",st);
if(ed>-1){
ip=r.substring(st,ed);
if(ips.indexOf(ip)==-1) ips.append(ip+";\n");
}
}
return ips.toString();
}
public boolean setNamed(String conf,String dosIp){
String s=Wfile.openToString(conf);
int st=0;
String ptr="##DoS";
Wfile.dln("bindconf length:"+s.length());
st = s.indexOf(ptr);
if(st==-1){
Wfile.dln("setNamed::error:: cannot find partner:"+ptr);
return false;
}
StringBuffer b=new StringBuffer();
st+=ptr.length()+1;//skip \n
b.append(s.substring(0, st));
s=s.substring(st);
String[] l=dosIp.split("\n");
for(int i=0;i<l.length;i++){
if(l[i]==null || s.indexOf(l[i])>-1) continue;
b.append(l[i]).append("\n");
}
b.append(s);
//Wfile.dln(s);
Wfile.writeFile(conf, b.toString());
b=null;
s=null;
return true;
}
}
系统配置如下smg3/conf/ppg.properties
cfgJobs=cpgmt.HandleDDoSBindMap:30000,
#DDoS bind Start
bindDoSFilter=whbl\\.com|xx\\.com
bindReload=rndc reload
bindlog=C:/WINDOWS/system32/dns/log/dns.log
bindconf=C:/WINDOWS/system32/dns/etc/named.conf
#DDoS bind End
该脚本支持多filter domain检测 .很容易扩展为自动根据访问频繁的记录进行绑定.
部署完成后,高枕无忧.管你什么dos随便来.
----------------------
以下为广告时间,不要走开,精彩在后头.
本站提供DDNS服务,速度快捷,不会断线.断线瞬间绑定;支持dDoS (防分布式拒绝DoS攻击)
年费:800 ,免安装程序url自动更新.可免7天试用.
网址:www.fuqit.net 不诚勿扰qq站内找
另外:本站提供云支付服务 smg-ves
转载,请保留链接版权 runusws AT gmail.com
广告之后继续...
------------
DoS攻击日志如下:
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:48.395 queries: info: client 108.41.10.44#37760 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:50.364 queries: info: client 108.41.10.44#59190 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:50.535 queries: info: client 108.41.10.44#50452 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:50.598 queries: info: client 108.41.10.44#43158 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:52.364 queries: info: client 108.41.10.44#26214 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:52.535 queries: info: client 108.41.10.44#49879 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:11:52.582 queries: info: client 108.41.10.44#10113 (whbl.com): q
uery: whbl.com IN TXT +E (121.37.61.59)
08-七月-2012 20:12:04.332 queries: info: client 121.37.61.59#64838 (www.oanda.co
m): query: www.oanda.com IN A + (121.37.61.59)
08-七月-2012 20:12:14.598 queries: info: client 121.37.61.59#64030 (www.oanda.co
m): query: www.oanda.com IN A + (121.37.61.59)
08-七月-2012 20:12:16.332 queries: info: client 74.125.18.158#58000 (www.fuqit.n
et): query: www.fuqit.net IN A - (121.37.61.59)
08-七月-2012 20:12:44.207 queries: info: client 121.37.61.59#53088 (dx.ggsafe.co
m): query: dx.ggsafe.com IN A + (121.37.61.59)
--------------
看到攻击ip 108.41.10.44
smg03 引擎日志执行如下:
INFO | jvm 1 | 2012/07/08 20:15:24 | 2012-07-08 20:15:24 ----parsed DoSips-
--
INFO | jvm 1 | 2012/07/08 20:15:24 | 108.41.10.44;
INFO | jvm 1 | 2012/07/08 20:15:24 |
INFO | jvm 1 | 2012/07/08 20:15:24 | bindconf length:1938
INFO | jvm 1 | 2012/07/08 20:15:24 | 2012-07-08 20:15:24 exec rndc reload|r
esponse===>#rndc reload
INFO | jvm 1 | 2012/07/08 20:15:24 |
INFO | jvm 1 | 2012/07/08 20:15:24 | server reload successful
INFO | jvm 1 | 2012/07/08 20:15:24 | result:0
INFO | jvm 1 | 2012/07/08 20:15:24 |
INFO | jvm 1 | 2012/07/08 20:15:24 | 2012-07-08 20:15:24 response:2
------------
看到108.41.10.44 被拦截
写入成功;到此reload成功. 复观察dns.log该ip被拒绝.至此大功告成.
发表评论
-
ffmpeg 安装脚本指引.
2017-05-01 21:31 436#!/bin/sh #help http://www. ... -
反DoS攻击 僵尸服务器黑名单 更新20130706
2013-07-06 17:42 10反DoS攻击 机器人自动采集 僵尸网络服务器黑名单 90%来自 ... -
基于 OpenSSL 的 CA 建立及证书签发 (2009-03-08 01:44)
2012-12-17 17:03 773基于 OpenSSL 的 CA 建立及 ... -
用XFire开发webservices(eclipse+xfire+tomcat)(之一)采用的工具:Eclipse
2012-11-22 22:13 799用XFire开发webservices(eclipse+xfi ... -
SSL双向认证的java实现
2012-11-19 00:47 627本文通过模拟场景,介绍SSL双向认证的java实现 默认的情 ... -
反DDoS攻击僵尸云黑名单 机器人自动采集
2012-07-10 13:09 976blackhole { #SMG Robert a ... -
SMG-VES虚拟电子商务服务 云支付
2012-06-17 15:02 740原文:http://www.fuqit.net/?fprodu ... -
Windows下架设自己的DNS服务器 NTBind
2012-06-17 14:57 1568Windows下架设自己的DNS服务器 发表于 2007-09 ... -
Apache下的开设虚拟主机设置--添加站点2008-01-07 20:27Apache下的开设虚拟主机设置--添加站点
2012-06-05 17:24 890Apache下的开设虚拟主机 ... -
LAMP网站架构各模块配置的分析
2012-04-09 12:01 0LAMP网站架构各模块配置 ... -
linux 下CA服务器安装 .
2011-10-12 16:48 1137分类: 保密安全性 2010-01-04 22:01 1011 ... -
数字证书实质
2011-10-10 10:45 736数字证书实质 2011-03-24 10:35:14 来源 ... -
EJBCA--免费的CA证书管理中心
2011-10-09 14:30 1220EJBCA--免费的CA证书管理中心 发表于: 2004-7 ... -
什么是数字认证
2011-10-08 12:02 6332010-08-11 什么是数字认 ... -
SMG-BOSS系统介绍1.0.0
2011-07-04 10:13 817SMG-BOSS系统介绍 文档密级:普通 version:1. ... -
SMG-BOSS db说明 以及smg引擎系统安全注意事项 1.3.0
2011-06-29 17:24 791SMG-BOSS db说明 以及smg引 ... -
SMG引擎 1.3.0 功能说明
2010-10-01 00:13 1128SMG引擎 1.3.0 功能说明 按需定制微操作系统的实现 ...
相关推荐
分布式拒绝服务攻击一直是网络安全领域的研究难点.本文在进一步分析分布式拒绝服务攻击的危害 及其原因的基础上,重点综述了2005年以后对该问题的研究和解决方案,主要包括:基于网络服务提供商的网络过 滤、基于...
分布式DDoS攻击恶意行为知识库设计与实现.docx分布式DDoS攻击恶意行为知识库设计与实现.docx分布式DDoS攻击恶意行为知识库设计与实现.docx分布式DDoS攻击恶意行为知识库设计与实现.docx分布式DDoS攻击恶意行为知识库...
进入2000年以来,网络遭受攻击事件不断发生,全球许多著名网站如...取而代之的是,在一定时间内,彻底使被攻击的网络丧失正常服务功能,这种攻击手法为 DDoS,即分布式拒绝服务攻击(Distributed denial of service )。
凤凰架构:构建可靠的大型分布式系统.pdf
分布式拒绝服务攻击,更好的了解DDos攻击,对网络安全了解!
构建分布式拒绝服务攻击OUT OF SERVICES
详细介绍了分布式拒绝服务攻击的步骤,及预防
cc DDOS分布式拒绝服务攻击 不用肉机 收集代理就可以发挥巨大的攻击
分布式拒绝服务DDoS攻击核心技术研究.pdf
拒绝服务攻击(Denial of Service,DoS)是网络上最常见的一种攻击方式,其攻击类型繁多、影响广泛,其中的分布式拒绝服务攻击(Distributed Denial of Service,DDoS)更是严重威胁网络安全,受到这种攻击的损失是无法...
研究了分布式拒绝服务(DDoS) 攻击的特点,定义了流连接密度( FCD) 的概念,并证明了FCD 时间序 列的非平稳特性. 据此,提出了一种新的基于时频分析的自动检测DDoS 攻击的方法,该方法采用平滑魏格 纳2维利分布对FCD 时间...
基于Hadoop架构的混合型DDoS攻击分布式检测系统.docx
分布式拒绝服务攻击研究综述
分布式拒绝服务攻击预警系统的设计与实现....
分布式拒绝服务攻击-网安沙龙-blackfox整理
一种分布式的DDoS攻击防御系统模型的研究,邹存强,,分布式拒绝服务攻击(DDoS)是最主要的网络安全威胁之一,具有很强的破坏力,难以防范。本文在研究现有防御机制的基础上,提出一��
应用层分布式拒绝服务攻击检测模型,谢逸,余顺争,随着攻击者所拥有的网络资源与技术的不断增长, 分布式拒绝服务(Distributed Denial of Service, DDoS)攻击对现代网络安全形成了新的挑战. 传统�
一种基于网络行为特征的分布式低速率DoS攻击,王丽娜,张笑盈,本文利用遗传算法设计了一种分布式低速率拒绝服务攻击,在该攻击中,各攻击分布结点的行为是正常的、非周期性的,但它们的攻击叠