Hauv thawj ob peb lub hlis twg ntawm 2020, tus naj npawb ntawm DDoS tawm tsam yuav luag peb npaug, nrog 65% ntawm lawv tau sim ua ntej ntawm "kev sim thauj khoom" uas yooj yim "lov tes taw" qhov chaw tsis muaj kev tiv thaiv ntawm cov khw muag khoom online me, rooj sab laj, blogs, thiab xov xwm tshaj tawm.
Yuav ua li cas xaiv DDoS-tiv thaiv hosting? Koj yuav tsum xyuam xim rau dab tsi thiab koj yuav tsum npaj dab tsi kom tsis txhob poob rau hauv qhov xwm txheej tsis zoo?
(Kev txhaj tshuaj tiv thaiv "grey" kev lag luam sab hauv)
Qhov muaj thiab ntau yam cuab yeej rau kev ua DDoS tawm tsam yuam cov tswv ntawm cov kev pabcuam online los ua cov kev ntsuas tsim nyog los tawm tsam qhov kev hem thawj. Koj yuav tsum xav txog kev tiv thaiv DDoS tsis yog tom qab thawj qhov tsis ua haujlwm, thiab tsis yog ib feem ntawm cov txheej txheem ntsuas kom ua rau muaj kev ua txhaum cai ntawm cov txheej txheem, tab sis nyob rau theem ntawm kev xaiv qhov chaw rau kev tso kawm (tus neeg muab kev pabcuam lossis chaw zov me nyuam).
Kev tawm tsam DDoS raug cais raws li cov txheej txheem uas nws qhov tsis zoo yog siv rau theem ntawm Open Systems Interconnection (OSI) qauv:
- channel (L2),
- network (L3),
- thauj (L4),
- siv (L7).
Los ntawm qhov kev pom ntawm kev ruaj ntseg systems, lawv tuaj yeem raug muab faib ua ob pawg: kev tsim kho theem kev tawm tsam (L2-L4) thiab kev siv qib kev tawm tsam (L7). Qhov no yog vim qhov ua tiav ntawm kev ua tiav ntawm kev soj ntsuam kev tsheb khiav thiab kev ua haujlwm nyuaj: qhov tob dua peb saib rau hauv pob ntawv IP, yuav tsum siv lub zog ntau dua.
Feem ntau, qhov teeb meem ntawm optimizing kev xam thaum ua cov tsheb khiav hauv lub sijhawm tiag tiag yog lub ntsiab lus rau cov kab lus sib cais. Tam sim no cia li xav txog tias muaj qee tus neeg muab kev pabcuam huab nrog cov kev pabcuam suav tsis txwv uas tuaj yeem tiv thaiv cov vev xaib los ntawm kev siv-qib tawm tsam (xws li ).
3 cov lus nug tseem ceeb los txiav txim siab qib ntawm hosting kev ruaj ntseg los ntawm DDoS tawm tsam
Cia peb saib cov nqe lus ntawm kev pabcuam rau kev tiv thaiv kev tawm tsam DDoS thiab Daim Ntawv Pom Zoo Qib Kev Pabcuam (SLA) ntawm cov chaw pabcuam hosting. Lawv puas muaj cov lus teb rau cov lus nug hauv qab no:
- Cov kev txwv kev qhia dab tsi tau teev los ntawm tus neeg muab kev pabcuam??
- Yuav ua li cas thaum tus neeg siv khoom mus dhau qhov kev txwv?
- Tus neeg muab kev pabcuam hosting tsim kev tiv thaiv DDoS kev tawm tsam li cas (cov thev naus laus zis, kev daws teeb meem, cov chaw muag khoom)?
Yog tias koj tsis pom cov ntaub ntawv no, ces qhov no yog qhov laj thawj los xav txog qhov hnyav ntawm tus neeg muab kev pabcuam, lossis teeb tsa kev tiv thaiv DDoS (L3-4) ntawm koj tus kheej. Piv txwv li, hais kom lub cev sib txuas rau lub network ntawm tus kws kho mob tshwj xeeb.
Tseem ceeb! Tsis muaj lub ntsiab lus hauv kev muab kev tiv thaiv kev tiv thaiv kev tawm tsam kev siv Reverse Proxy yog tias koj tus neeg muab kev pabcuam hosting tsis tuaj yeem muab kev tiv thaiv kev tiv thaiv kev tawm tsam: cov khoom siv hauv lub network yuav dhau mus thiab ua tsis muaj, suav nrog rau cov huab muab kev pabcuam rau cov servers (Daim duab 1).
Daim duab 1. Kev tawm tsam ncaj qha rau ntawm tus kws kho mob lub network
Thiab tsis txhob cia lawv sim qhia koj cov dab neeg hais tias qhov chaw nyob IP tiag tiag ntawm tus neeg rau zaub mov tau muab zais tom qab huab ntawm tus neeg muab kev nyab xeeb, uas txhais tau tias nws tsis tuaj yeem tawm tsam nws ncaj qha. Hauv cuaj qhov ntawm kaum, nws yuav tsis yooj yim rau tus neeg tawm tsam los nrhiav qhov chaw nyob IP tiag tiag ntawm tus neeg rau zaub mov lossis tsawg kawg yog tus neeg muab kev pabcuam hosting network txhawm rau txhawm rau "tua" tag nrho cov ntaub ntawv chaw.
Yuav ua li cas hackers ua hauv kev tshawb nrhiav tus IP chaw nyob tiag
Hauv qab no cov spoilers yog ob peb txoj hauv kev los nrhiav qhov chaw nyob IP tiag tiag (muab rau cov ntaub ntawv xov xwm).
Txoj Kev 1: Tshawb nrhiav hauv qhov chaw qhib
Koj tuaj yeem pib koj txoj kev tshawb fawb nrog kev pabcuam online: Nws tshawb xyuas lub vev xaib tsaus, cov ntaub ntawv sib koom ua ke, txheej txheem Whois cov ntaub ntawv, cov ntaub ntawv pej xeem xau thiab ntau lwm qhov chaw.
Yog tias, raws li qee cov cim qhia (HTTP headers, Whois cov ntaub ntawv, thiab lwm yam), nws tuaj yeem txiav txim siab tias qhov chaw tiv thaiv tau teeb tsa siv Cloudflare, tom qab ntawd koj tuaj yeem pib tshawb nrhiav tus IP tiag los ntawm, uas muaj txog 3 lab tus IP chaw nyob ntawm cov chaw nyob tom qab Cloudflare.
Siv daim ntawv pov thawj SSL thiab kev pabcuam koj tuaj yeem nrhiav tau ntau cov ntaub ntawv muaj txiaj ntsig, suav nrog qhov chaw nyob IP tiag ntawm lub xaib. Txhawm rau tsim kev thov rau koj cov peev txheej, mus rau Daim Ntawv Pov Thawj tab thiab nkag mus:
_parsed.names: npesite THIAB tags.raw: ntseeg
Txhawm rau tshawb nrhiav IP chaw nyob ntawm cov servers siv daim ntawv pov thawj SSL, koj yuav tsum tau manually mus rau hauv daim ntawv teev npe nrog ob peb lub cuab yeej ("Explore" tab, ces xaiv "IPv4 Hosts").
Txoj Kev 2: DNS
Tshawb nrhiav keeb kwm ntawm DNS cov ntaub ntawv hloov pauv yog ib txoj kev qub, pov thawj. Qhov chaw nyob IP yav dhau los ntawm lub vev xaib tuaj yeem ua kom pom tseeb tias qhov twg hosting (lossis cov ntaub ntawv chaw) nws nyob ntawm. Ntawm cov kev pabcuam hauv online hais txog kev yooj yim ntawm kev siv, cov hauv qab no sawv tawm: ΠΈ .
Thaum koj hloov qhov chaw, lub vev xaib yuav tsis siv tam sim ntawd tus IP chaw nyob ntawm huab huab kev nyab xeeb lossis CDN, tab sis yuav ua haujlwm ncaj qha rau qee lub sijhawm. Nyob rau hauv cov ntaub ntawv no, muaj ib tug muaj peev xwm uas cov kev pab cuam hauv internet rau khaws cia cov keeb kwm ntawm IP chaw nyob hloov pauv muaj cov ntaub ntawv hais txog qhov chaw nyob ntawm qhov chaw.
Yog tias tsis muaj dab tsi tab sis lub npe ntawm cov qub DNS neeg rau zaub mov, tom qab ntawd siv cov khoom siv tshwj xeeb (dig, tswv lossis nslookup) koj tuaj yeem thov tus IP chaw nyob los ntawm lub npe sau npe ntawm lub xaib, piv txwv li:
_dig @old_dns_server_name npethaj chaw
Txoj Kev 3: email
Lub tswv yim ntawm txoj kev yog siv cov lus tawm tswv yim / daim ntawv sau npe (lossis lwm txoj hauv kev uas tso cai rau koj pib xa tsab ntawv) kom tau txais tsab ntawv rau koj tus email thiab xyuas cov ntawv sau npe, tshwj xeeb tshaj yog "Tau Txais" teb .
Tus email header feem ntau muaj qhov tseeb IP chaw nyob ntawm MX cov ntaub ntawv (email pauv neeg rau zaub mov), uas tuaj yeem yog qhov pib rau kev nrhiav lwm cov servers ntawm lub hom phiaj.
Nrhiav cov cuab yeej Automation
IP tshawb nrhiav software tom qab Cloudflare daim thaiv feem ntau ua haujlwm rau peb txoj haujlwm:
- Luam theej duab rau DNS misconfiguration siv DNSDumpster.com;
- Crimeflare.com database scan;
- tshawb rau subdomains siv ib txoj kev tshawb nrhiav phau ntawv txhais lus.
Nrhiav subdomains feem ntau yog qhov kev xaiv zoo tshaj plaws ntawm peb - ββtus tswv ntawm lub xaib tuaj yeem tiv thaiv lub vev xaib tseem ceeb thiab tawm hauv cov subdomains khiav ncaj qha. Txoj kev yooj yim tshaj plaws los xyuas yog siv .
Tsis tas li ntawd, muaj cov khoom siv hluav taws xob tsim los rau kev tshawb nrhiav subdomains siv phau ntawv txhais lus tshawb nrhiav thiab nrhiav hauv cov chaw qhib, piv txwv li: los yog .
Kev tshawb nrhiav tshwm sim li cas hauv kev xyaum
Piv txwv li, cia peb coj lub vev xaib seo.com siv Cloudflare, uas peb yuav pom siv cov kev pabcuam zoo. ( tso cai rau koj los txiav txim siab txog cov thev naus laus zis / cav / CMS uas lub vev xaib ua haujlwm, thiab rov ua dua - tshawb nrhiav cov vev xaib los ntawm cov thev naus laus zis siv).
Thaum koj nyem rau ntawm "IPv4 Hosts" tab, qhov kev pabcuam yuav qhia cov npe ntawm cov tswv siv daim ntawv pov thawj. Txhawm rau nrhiav qhov koj xav tau, nrhiav tus IP chaw nyob nrog qhib chaw nres nkoj 443. Yog tias nws hloov mus rau qhov chaw xav tau, tom qab ntawd txoj haujlwm tiav, txwv tsis pub koj yuav tsum ntxiv lub npe sau npe ntawm lub xaib mus rau "Hom" header ntawm lub vev xaib. HTTP thov (piv txwv li, *curl -H "Host: site_name" *).
Hauv peb qhov xwm txheej, kev tshawb fawb hauv Censys database tsis tau muab dab tsi, yog li peb txav mus.
Peb yuav ua qhov kev tshawb nrhiav DNS los ntawm kev pabcuam.
Los ntawm kev tshawb nrhiav los ntawm cov chaw nyob uas tau hais hauv cov npe ntawm DNS servers siv CloudFail cov nqi hluav taws xob, peb pom cov chaw ua haujlwm. Qhov tshwm sim yuav npaj tau rau ob peb feeb.
Siv tsuas yog qhib cov ntaub ntawv thiab cov cuab yeej yooj yim, peb txiav txim siab qhov chaw nyob IP tiag tiag ntawm lub vev xaib server. Tus so rau tus neeg tawm tsam yog qhov teeb meem ntawm cov txheej txheem.
Cia peb rov qab los xaiv tus neeg muab kev pabcuam hosting. Txhawm rau ntsuas qhov txiaj ntsig ntawm qhov kev pabcuam rau cov neeg siv khoom, peb yuav xav txog txoj hauv kev muaj peev xwm tiv thaiv DDoS tawm tsam.
Yuav ua li cas tus neeg muab kev pabcuam hosting tsim nws txoj kev tiv thaiv
- Kev tiv thaiv tus kheej nrog cov khoom siv lim dej (Daim duab 2).
Yuav tsum tau:
1.1. Cov khoom siv lim dej thiab cov ntawv tso cai software;
1.2. Cov kws tshaj lij puv sijhawm rau nws txoj kev txhawb nqa thiab kev ua haujlwm;
1.3. Kev nkag mus hauv Is Taws Nem uas yuav txaus kom tau txais kev tawm tsam;
1.4. Qhov tseem ceeb prepaid channel bandwidth kom tau txais "quav" tsheb.
Daim duab 2. Hosting tus kws kho mob tus kheej kev ruaj ntseg
Yog tias peb xav txog cov txheej txheem piav qhia raws li kev tiv thaiv niaj hnub DDoS kev tawm tsam ntau pua Gbps, ces qhov system no yuav raug nqi ntau heev. Puas yog tus muab kev pabcuam hosting muaj kev tiv thaiv zoo li no? Puas yog nws npaj them rau "khoom plig" tsheb? Obviously, xws li cov qauv kev lag luam tsis muaj txiaj ntsig rau tus neeg muab kev pabcuam yog tias cov nqi se tsis muab rau kev them nyiaj ntxiv. - Reverse Proxy (rau cov vev xaib thiab qee cov ntawv thov nkaus xwb). Txawm tias tus lej , tus neeg muag khoom tsis lav kev tiv thaiv tawm tsam DDoS ncaj qha (saib daim duab 1). Cov chaw muab kev pabcuam hosting feem ntau muab cov kev daws teeb meem zoo li panacea, hloov lub luag haujlwm rau tus kws kho mob.
- Cov kev pabcuam ntawm cov chaw pabcuam huab tshwj xeeb (siv nws lub network lim dej) los tiv thaiv DDoS tawm tsam ntawm txhua qib OSI (Daim duab 3).
Daim duab 3. Kev tiv thaiv zoo tiv thaiv DDoS tawm tsam siv tus kws kho mob tshwj xeeb
assumes sib sib zog nqus integration thiab ib theem siab ntawm kev txawj ntse ntawm ob tog. Outsourcing tsheb lim cov kev pab cuam tso cai rau cov chaw muab kev pabcuam kom txo tus nqi ntawm cov kev pabcuam ntxiv rau cov neeg siv khoom.
Tseem ceeb! Cov ncauj lus kom ntxaws ntxiv txog cov yam ntxwv ntawm cov kev pabcuam tau muab piav qhia, qhov muaj feem ntau ntawm kev thov kom lawv siv lossis them nyiaj thaum lub sijhawm poob.
Ntxiv rau peb txoj hauv kev tseem ceeb, muaj ntau qhov sib xyaw ua ke thiab sib xyaw ua ke. Thaum xaiv ib lub hosting, nws yog ib qho tseem ceeb rau cov neeg siv khoom kom nco ntsoov tias qhov kev txiav txim siab yuav nyob ntawm qhov loj ntawm kev lees paub thaiv kev tawm tsam thiab kev lim dej kom raug, tab sis kuj nyob ntawm qhov ceev ntawm cov lus teb, nrog rau cov ntaub ntawv cov ntsiab lus (cov npe ntawm cov kev tawm tsam, General Statistics, thiab lwm yam).
Nco ntsoov tias tsuas yog ob peb tus neeg muab kev pabcuam hauv lub ntiaj teb tuaj yeem muab qhov kev lees paub ntawm kev tiv thaiv ntawm lawv tus kheej; nyob rau hauv lwm qhov xwm txheej, kev koom tes thiab kev paub txog kev paub pab. Yog li, nkag siab txog cov hauv paus ntsiab lus ntawm kev teeb tsa kev tiv thaiv kev tawm tsam DDoS yuav tso cai rau tus tswv ntawm lub xaib tsis txhob poob rau kev lag luam dag thiab tsis yuav "pw hauv poke."
Tau qhov twg los: www.hab.com