Symptoms of the server when attacked by CC
When the general server is attacked by CC, the legendary server will appear that the 7000 port is closed externally. Because the fault has been blocked, the command netstat -an can be used. See the same record as the following:
...7000 219.128.90.43 3741 SYN_RECEIVED
Where 219.128.90.43 is the proxy attack IP, SYN_RECEIVED is the feature of the attack, such records will generally have A lot of different proxy IP attacks
Determine the corresponding method to be taken after CC attack: When excluding other DDOS attacks of other types, you can use IP policy to deal with attacks against CC attacks. .90.43 This IP is an example. We use the IP segment to deal with the attack (it seems to be like the forum asks how to block the IP segment, which just provides the next method)
Open local security settings, point IP security policy Create an IP security policy on the local machine----Next---- Name is written casually, such as input blocking, and then click the next step, the prompt point is, until the completion, At that time, I created a policy called Blocking
The following point IP security policy, in the local machine management IP filter table and filter operations ---- point to add --- name to add 75.156. 25 (in order to identify the best fill the corresponding IP segment) ---- Click Add----Next----Source address select a specific IP subnet, IP input 75.156.25.0 Subnet mask changed to 255.255 .255.0----Next---- Target address select my IP address----Next----Protocol type is arbitrary----Next----Complete all closed
Below we start the strategy called Blocking, click on the attribute----Add----Next----Next network type select all network connections----Next---- The cue point is ----- to the IP filter list, the option we just created 75.156.25----Next----Select block----Next to complete, close
The last point to block this policy, right click, assign, so far we have blocked the network segment starting with 75.156.25, of course, also blocked the IP attack of 219.128.90.43, if you want to seal other IP Attack You can use this method to completely block CC attacks. The trouble is to manually view the attacker's proxy IP and add IP policies.
In fact, IP security policy is applied. The role of IP security policy is very large, but many people do not pay attention to this practical function.
As mentioned above, we need to track and log the operation of each us
Problem Description How to set resource allocation for each virtual machine in Sys
Nowadays, hackers are increasingly scrambling. It can be said that there is no lo
for IIS servers The Internet is full of dangers, and many important applications are built on the I
When setting Windows 2003 to shut down or restart, the prompt box
IIS logging time is not correct
Solve problems with web server not accessible
Virtual Server Implementation Method
Multi-picture detailed Apple "Snow Leopard" server system installation tutorial
Using load balancing technology to build high-load network sites
How to open the server Mcrypt.so encryption library
Six steps to secure your web server
Configuring Windows Server 2008 Firewall - Allowed to be Ping
Unable to delete file resolution
WinXP system optimization acceleration three secret skills
How is the fast download speed slow?
How to install Linux using logwatch
How to display win10 calendar tile in the start menu
Win7 system with Sogou input method handwriting input to play the word not known
How to turn off Windows 7 Receive a "Setup Backup" prompt
Win2003 update KB3045999 patch blue screen repeatedly restart what to do?