DDoS attack refers to the combination of multiple computers as the attack platform to launch a DDoS attack on one or more targets. CC attack is one of the DDoS attacks. Compared with other DDoS attacks, CC attack seems to have more technical content. It uses proxy server to generate legitimate requests to target system to achieve camouflage and DDoS.
互联网黑客最常用的攻击手段就是 DDoS 和 CC 攻击，给许多企业造成了巨大的损失。调查结果显示，DDoS 和 CC 攻击造成的平均损失从企业规模的 5 万 2000 美元到 44 万 4000 美元不等。下面我们介绍下二者的区别。
The most common attack methods of Internet hackers are DDoS and CC attacks, which cause huge losses to many enterprises. The survey results show that the average loss caused by DDoS and CC attacks ranges from $52000 to $444000 of the enterprise scale. Let’s introduce the difference between them.
DDoS 攻击（分布式拒绝服务攻击）指借助于客户/服务器技术，将多个计算机联合起来作为攻击平台，对一个或多个目标发动 DDoS 攻击，从而成倍地提高拒绝服务攻击的威力。
DDoS attack (distributed denial of service attack) refers to using client / server technology to combine multiple computers as an attack platform to launch DDoS attacks on one or more targets, so as to increase the power of denial of service attacks.
DDoS 的攻击方式有很多种，最基本的 DoS 攻击就是利用合理的服务请求来占用过多的服务资源，从而使合法用户无法得到服务的响应。DDoS 就是利用更多的傀儡机（肉鸡）来发起进攻，比从前 dos 更大的规模来进攻受害者。
There are many kinds of DDoS attacks. The most basic DoS attack is to use reasonable service requests to occupy too much service resources, so that legitimate users can not get the response of services. DDoS is to use more puppet machines (broilers) to launch attacks, and attack victims on a larger scale than before.
CC 攻击是 DDoS 攻击的其中一种，是目前应用层攻击的主要手段之一，相比其它的 DDoS 攻击 CC 似乎更有技术含量一些。CC 攻击借助代理服务器生成指向目标系统的合法请求，实现伪装和 DDoS。
CC attack is one of DDoS attacks and one of the main means of application layer attack. Compared with other DDoS attacks, CC attack seems to be more technical. CC attack uses proxy server to generate legitimate requests to the target system to achieve camouflage and DDoS.
We all have the experience that it doesn’t take too long to visit a static page, even if there are many people, but if you visit in the peak period, the more people you visit, the more pages you visit, the greater the pressure on the database, the more frequently you are visited, and the system resources you occupy are quite observable.
CC 攻击就充分利用了这个特点，模拟多个正常用户不停地访问需要大量数据操作的页面，造成服务器资源的浪费，CPU 长时间处于 100%，永远都有处理不完的请求，网络拥塞，正常访问被中止。这种攻击技术性含量高，见不到真实源 IP，见不到特别大的异常流量，但服务器就是无法进行正常连接。
CC attack makes full use of this feature. It simulates that many normal users constantly visit pages that need a lot of data operations, resulting in a waste of server resources. The CPU is at 100% for a long time, and there will always be endless requests, network congestion, and normal access is suspended. This kind of attack has a high technical content, and can not see the real source IP, and can not see the very large abnormal traffic, but the server is unable to connect normally.
CC attack is different from DDoS attack. DDoS attack is mainly aimed at IP attack, while CC attack is mainly aimed at webpage attack. You can’t see the real source IP, and you can’t see the extra large abnormal traffic, but it will cause the server to be unable to connect normally.
CC attack can be divided into four types: direct attack, agent attack, botnet attack, and broiler attack.
1. Direct attack
主要针对有重要缺陷的 Web 应用程序，一般来说是程序写的有问题的时候才会出现这种情况，比较少见。
It is mainly aimed at web applications with important defects. Generally speaking, this situation occurs when there is a problem in program writing, which is relatively rare.
2. Agent attack
代理攻击是黑客借助代理服务器生成指向受害主机的合法网页请求，实现 DOS 和伪装。
Proxy attack is a kind of attack that hackers use proxy server to generate legitimate Web page requests to the victim host, to achieve dos and camouflage.
3. Botnet attack
有点类似于 DDOS 攻击，从 Web 应用程序层面上已经无法防御。
It’s a bit like DDoS attack, which can’t be defended from the web application level.
4. Broiler attack
黑客使用 CC 攻击软件，控制大量肉鸡发动攻击，相比代理攻击更难防御，因为肉鸡可以模拟正常用户访问网站的请求，伪造成合法数据包。
Hackers use CC attack software to control a large number of broilers to launch attacks, which is more difficult to defend than agent attacks, because broilers can simulate the requests of normal users to visit the website and forge legal packets.