CC攻击原理
CC主要是用来攻击页面的。数据库就越大,被访问的频率也越高,占用的系统资源也就相当可观。
CC攻击的原理就是攻击者控制某些主机不停地发大量数据包给对方服务器造成服务器资源耗尽,一直到宕机崩溃。
如果攻击者是攻击静态文件会导致占用过多的宽带服务。
如下:
日志中会有重复的请求
1.196.178.118 - - [23/Feb/2017:22:08:06 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 262144 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 113.119.51.156 - - [23/Feb/2017:22:08:06 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 262144 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 123.170.167.203 - - [23/Feb/2017:22:08:06 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 262144 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 123.170.167.203 - - [23/Feb/2017:22:08:06 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 327680 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 171.88.149.134 - - [23/Feb/2017:22:08:06 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 327680 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 123.170.164.11 - - [23/Feb/2017:22:08:06 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 327680 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 123.170.167.203 - - [23/Feb/2017:22:08:07 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 393216 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 123.170.167.203 - - [23/Feb/2017:22:08:07 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 262144 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 171.88.149.134 - - [23/Feb/2017:22:08:07 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 262144 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 113.119.51.156 - - [23/Feb/2017:22:08:07 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 262144 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 171.88.149.134 - - [23/Feb/2017:22:08:07 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 262144 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 1.196.178.118 - - [23/Feb/2017:22:08:07 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 262144 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 113.119.51.156 - - [23/Feb/2017:22:08:07 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 262144 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36" 123.170.167.203 - - [23/Feb/2017:22:08:07 +0800] "GET /2016/9/netbeans-trunk-nightly-201607150002-php-windows-x64.zip HTTP/1.1" 206 327680 "-" "Mozilla/5.0 (Linux; Android) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36"
如果是页面阻止的办法有
1.页面使用缓存机制 减轻CC对服务器的压力
2.在代码中做处理限制,同一个IP在短时间的请求次数超过阈值,就停止运行之后相关代码直接返回自定义状态。
3.直接购买拥有硬防服务器和云盾的服务商。
关键字词:
