One, to ensure that the server system security
Yunba world IDC high defense
1, to ensure that the server's system files are the latest version, and update the system patches in a timely manner.
2. Administrators need to check all hosts and know the source of visitors.
3. Close unnecessary services: remove unused services on the server and close unused ports.
4. Limit the number of SYN half-connections opened at the same time, shorten the time out time of SYN half-connections, and limit the SYN/ICMP traffic.
5, correctly set up the firewall, run port mapping program or port scanning program on the firewall.
6, carefully check the logs of network devices and host/server systems. Whenever there is a hole in the log or a time change, the machine may have been attacked.
7. Limit the use of network files outside the firewall. This will give hackers the opportunity to intercept system files, if the hacker to replace it with a Trojan horse, file transfer function will undoubtedly be paralyzed.
The other methods
Yunba world IDC high defense IP
1, hide the server real IP
2, close the unnecessary services or ports
3, buy high defense to improve the affordability
4, limit the SYN/ICMP traffic
5, website request IP filtering
6, deploy the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS, the DNS.
6, the deployment of DNS intelligent resolution
7, to provide a margin of bandwidth
Currently, DDOS attacks do not have the best cure for the method, do not do a complete defense, can only take a variety of means to a certain extent to slow down the attack damage. So usually the server operation and maintenance work or to do a good job of the basic security.