| Distributed Denial of Services(DDoS)is one of the most destructive forms of Internet illegal attacks.It has low cost of attacking hardware and software,simple implementation of attack methods,and prevention of target network equipment after attack.In recent years,distributed denial of service attacks frequently occur,especially for the operation of the mall domain network,because of its complex network structure,network equipment manufacturers are numerous and different models,and the number of large customers under the network equipment is large and the network The quality requirements are extremely high.Therefore,whether the network equipment of the operating mall domain network itself is attacked by criminals,or the users under the network equipment of the operating mall domain network are attacked illegally,the software and hardware resources of the network equipment of the operating mall domain network are consumed a lot.In severe cases,the entire metropolitan area network is congested and congested,and even network service interruption occurs.This paper first introduces the attack side principle of the current mainstream distributed denial of service attacks,and combines the attack records of malicious distributed denial of service attacks suffered by China Unicom's Dalian network in recent years,focusing on the TCP/IP protocol reported through the core router.The paper conducts packet capture analysis,discusses the attack methods of criminals,and simulates the pre-preparation of hackers for distributed denial of service attacks by means of network tools such as SHODAN search engine and NMAP network sniffing scanner.The defense method of service attack,then analyzes the limitations of some existing network security devices in the operating mall domain network,and proposes a solution against distributed denial of service attacks based on the topology and service characteristics of Dalian Unicom MAN.Simulated deployment of traffic cleaning center and traffic reinjection equipment.Since different hackers and hacker organizations have their own fixed attack habits and attack methods,a honeypot server was built in the Dalian Unicom network using the network retreat server to lure hackers.Tank server for network attacks,recording The hacker address and the hacker's attack means to defend as early as possible,and then the error serial number source authentication algorithm,the correct serial number source authentication algorithm and the source IP random change attack defense algorithm are proposed,and the theoretical analysis and actual test are carried out.The paper has 25 pictures and 52 references. |
PDF Full Text Request