“Thirty-six krypton is dead.” “Life is not going up.” “Enjoy is also dead.” Starting on July 22, 2015, wails like these spread across WeChat and Weibo. Software operators also joked on Weibo that their own websites and apps hosted on the cloud service provider Qingyun could not serve users properly because the provider itself had broken down.

The outage lasted on and off for a day, leading to widespread speculation that it was the result of a DDoS attack. However, the next day Qingyun clarified on its official Weibo account that the cause was the failure of a switch purchased from H3C, which had prevented normal service. It kept posting updates on the repair progress on Weibo, and service was not fully restored until 9:00 PM on the 23rd. Later, H3C also apologized on Weibo.

Although the incident came to an end, it triggered a big discussion among friends. Why was an incident caused by hardware damage suspected of being a DDoS attack? What do cloud service providers do in case of a real DDoS attack?

Rogue + bully = Nuke?

Security experts once said that DDoS is the nuclear weapon of attacks. Taking down a large area of the network is exactly the effect a DDoS attack produces. Add to that the number of recent DDoS attacks, which has been growing exponentially, and people fear it much as they fear nuclear weapons.

Nuclear weapons brutally destroy everything; people are desperate and helpless in the face of them. What about DDoS attacks? The all-embracing Lei Feng network has already covered them in detail. In simple terms, an attacker unites multiple computers to flood a targeted server.

To borrow a figurative analogy from that article:

Bullies posing as ordinary customers crowd into a rival's shop and refuse to leave, so that real shoppers cannot get in; or they keep the salespeople busy with endless idle chatter, so that the staff cannot serve customers normally; they may also feed false information to the shop's operators, so that after everyone in the shop has been kept busy, it all turns out to be for nothing, and the shop finally loses its real big customers and suffers heavy losses. Sometimes bullies cannot do these things by themselves. They need a lot of people.

In 2013, the famous open source video player VLC suffered a DDoS attack. The website administrator used tools to make a simulated video of the attack. The sight of countless streams of traffic pouring concentrated fire into the server is actually a little exciting to watch. Perhaps because of this epic picture, DDoS attacks are also known as a beautiful evil. In theory, DDoS can take out any Internet service if it accumulates enough force.

Only the rich can afford DDoS

Attacks on the Internet have evolved to the point of refinement. Hackers can infiltrate servers to steal confidential information, or break into financial accounts to steal real money. Of all the attacks, DDoS is the least technical. Yet precisely because this kind of attack arrives with such momentum, it easily achieves a shock effect.

Xu Dongshan, head of Tencent Cloud security, told Lei Feng network that many professional underground teams are involved, making DDoS attacks a huge industry at present. As long as there is money, even an ordinary person can use the power of these gray industries to carry out DDoS attacks. Ouyang Meiwen, vice president of security firm Qiming Stars, once published figures online showing that the global revenue of DDoS attacks reached 600 million US dollars in 2014, and that the Chinese DDoS market was about 30 million US dollars, an unprecedented figure.

According to people familiar with the matter, a mid-sized DDoS attack on the Internet now costs around one million yuan. And that money doesn’t go entirely into the hacker’s pocket, because the most important resources in an attack are traffic and bandwidth, which can be bought or rented for real money. As the saying goes, meet troops with generals and water with earth: mounting a defense also requires a huge amount of traffic capacity. Simply put, the two sides of the game burn money against each other, and money wins.

The rules of the game make small companies cry. To defend against DDoS attacks, it is often necessary to rent millions of yuan of bandwidth, which sits completely idle when there is no attack. Yun Shu, an Alibaba security expert who speaks for tuhao, said publicly: “I’m not being sarcastic. Large-scale DDoS defense, that kind of cost is not affordable for a small company.”

Yes, a million is that much

The martial-arts world of anti-DDoS

The tricky part about a DDoS attack is that it’s hard to tell the crowd of local ruffians from the handful of customers who actually want to buy something. Shut the doors, and the bullies will laugh.

A spokesman for domestic cloud security service provider Ivy told Lei Feng network that there are two basic solutions to DDoS:

1. Traffic cleaning: choke off part of the attack traffic, which is like picking out the troublemaking rogues and kicking them out of the gate.

2. Expanding bandwidth: expand the capacity of the server, which is like hiring more customer service girls so that every customer can be received.

An industry insider offered the reporter a vivid metaphor:

In theory, cloud providers such as Qingyun are like large shopping malls that rent out storefronts to companies. If one of those companies gets blocked (DDoS), Qingyun is in fact not responsible. However, in today’s competitive market, service is more and more important, and providing customers with higher-level security services is the mainstream choice of cloud service enterprises. And if a hacker sneaks goods that violate policy, such as a movie, into one of the mall’s stores, the state will hold the mall to account. From this point of view, it is also an inevitable choice for large shopping malls to assign several security guards to their merchants.

So, what do these cloud service providers, or cloud security service providers, have in their arsenal against DDoS attacks?

Qingyun

Staff from Qingyun’s marketing department provided Lei Feng network with their user manual, which includes various DDoS handling plans. One of them is to distribute the pressure of requests across the back end through the load balancer provided by Qingyun, which in effect spreads the attack traffic out into the back yard and defeats it piece by piece.

Tencent

As a giant of the cloud security market, Tencent also has its own unique experience. Tencent Cloud security director Xu Dongshan told reporters that in the face of all kinds of fancy DDoS attacks, the basic response measures adopted by cloud security enterprises are similar. For example, suppose there are a total of 10 ways to respond to an attack: Company A might use 1, 2 and 3, and Company B might use 2, 3 and 4. In addition, Tencent has launched a protection product named the “Dayu” system. When it encounters a massive traffic attack, the Dayu system changes the resolution results for the domain name according to the actual impact of the attack, so that normal business traffic can be quickly allocated to the unaffected nodes. After a node has recovered, the Dayu system automatically brings service traffic back onto it. In general, it’s guerrilla warfare against DDoS attacks.
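The DNS steering behaviour described for Dayu above, sketched as an added example (it is not Tencent's code and not part of the original article): a hypothetical `DnsSteering` class drops an overloaded node from the answers and re-adds it only after several calm intervals. The thresholds, node names and documentation-range IP addresses are assumptions.

```python
from dataclasses import dataclass

@dataclass
class Node:
    ip: str               # constructed documentation-range address
    capacity_mbps: int
    healthy: bool = True
    calm_ticks: int = 0

class DnsSteering:
    """Hypothetical health-aware resolver; thresholds are assumptions."""
    OVERLOAD = 0.9    # node counts as affected at 90% of capacity
    RECOVER = 0.5     # an interval is calm below 50% of capacity
    CALM_TICKS = 3    # calm intervals required before traffic returns

    def __init__(self, nodes):
        self.nodes = nodes            # dict: node name -> Node

    def observe(self, load_mbps):
        """Feed one interval of per-node inbound traffic; return new answer."""
        for name, load in load_mbps.items():
            node = self.nodes[name]
            ratio = load / node.capacity_mbps
            if node.healthy:
                if ratio >= self.OVERLOAD:
                    node.healthy, node.calm_ticks = False, 0
            elif ratio < self.RECOVER:
                node.calm_ticks += 1
                node.healthy = node.calm_ticks >= self.CALM_TICKS
            else:
                node.calm_ticks = 0   # renewed burst: restart the calm count
        return self.resolve()

    def resolve(self):
        """A records to hand out for the protected domain right now."""
        all_ips = sorted(n.ip for n in self.nodes.values())
        healthy = sorted(n.ip for n in self.nodes.values() if n.healthy)
        return healthy or all_ips     # fail open: never answer with nothing

def demo():
    steer = DnsSteering({"a": Node("192.0.2.10", 1000),
                         "b": Node("198.51.100.10", 1000),
                         "c": Node("203.0.113.10", 1000)})
    calm = {"a": 300, "b": 270, "c": 200}          # constructed sample loads
    flood = {"a": 4000, "b": 260, "c": 190}        # flood hits node a
    burst = {"a": 950, "b": 270, "c": 200}         # renewed burst on node a
    timeline = [calm, flood, calm, burst, calm, calm, calm]
    return [steer.observe(loads) for loads in timeline]
```

Resolvers and clients that cached an earlier answer keep sending traffic to the old node until the record's TTL expires, so steering of this kind depends on short TTLs.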

Lei Feng network learned that Tencent Cloud security has a unique advantage: the huge installed base of Tencent Computer Butler. If a computer equipped with Computer Butler is taken over by a hacker and used in a DDoS attack, the butler will automatically cut off its traffic requests.

One of the most overpowered anti-DDoS tools is the backbone network. The backbone network is the optical fiber network that physically connects each major city, and the three giants China Mobile, China Unicom and China Telecom are the main backbone network providers. To put it simply, the bandwidth of the backbone network is so vast that it can resist most DDoS attacks. Tencent Cloud security is also cooperating with the backbone network operators. Once it encounters an overload of data requests, the traffic is diverted into the “vast ocean” of the backbone network.

China Telecom

To the dismay of other security companies, China Telecom has not been content to sit quietly on the sidelines. Not long ago, China Telecom launched its own security product: “Cloud dike”. Telecoms companies with backbone networks can simply follow their own fiber-optic cables to the location of the attack and grab the attacker by the throat, without having to guess the IP address of the attack. Liu Zi thousand, the product owner of Telecom’s Cloud dike, told reporters: “By analyzing data from routers across the entire telecom network, we can judge whether an attack comes from outside or from other domestic operators, and locate which operator, which city or even which IDC room it comes from, and then schedule equipment to clean the traffic. Telecom’s attack protection is theoretically infinite.”

At this point, it’s time to put an end to this martial arts fight. Still, you can count on two hands the number of companies that can afford a backbone network to protect against DDoS attacks.

After all, if DDoS and nuclear weapons have one thing in common, it’s that they both cost a lot of money. In the face of DDoS, if you want to defeat it, you have to fight with the money in your pocket. The world of tuhao is dangerous; diaosi should go home. It’s a cruel world.