• 欢迎访问速搜资源吧,如果在网站上找不到你需要的资源,可以在留言板上留言,管理员会尽量满足你!

【速搜问答】如何攻击云服务器

问答 admin 1个月前 (06-25) 63次浏览 已收录 0个评论

汉英对照:
Chinese-English Translation:

服务器的攻击方式有很多,要服务器瘫痪无法登录,一般是DDOS攻击,但是这个前提必须要攻击者的宽带大于被攻击者,或者要网络登录堵塞也就是CC攻击,但是前提是要很多IP。

There are many ways to attack the server. If the server is paralyzed and unable to log in, it is usually a DDoS attack. But this premise requires that the broadband of the attacker is larger than that of the attacker, or if the network login is blocked, that is, CC attack, but it requires a lot of IP.

互联网上的网络攻击频繁,已经危及不同的行业,金融、游戏行业尤其严重。我们要清楚黑客有哪些常用来攻击云服务器的手段,然后才能更好地进行防御。知己知彼,方能百战不殆。

The frequent network attacks on the Internet have endangered different industries, especially the financial and game industries. We need to know what methods hackers often use to attack cloud servers, and then we can better defend them. If you know yourself and your enemy, you will be invincible in all battles.

如果是要服务器瘫痪无法登录,那就用 DDOS 攻击,但是这个前提必须要攻击者的宽带大于被攻击者,或者用网络登录堵塞也就是 CC 攻击,但是前提是要很多 IP,也就是要很多不同地方的 IP 同时去检测登录这个服务器指定的端口,例如传奇登录 7000 端口,几千人同时指定去登录这个端口就会造成堵塞。

If you want the server to be paralyzed and unable to log in, you can use DDoS attack, but this premise must be that the attacker’s broadband is larger than the attacker’s, or you can use network login to block CC attack, but the premise is that you need a lot of IP, that is, you need to check the IP in many different places to log in to the specified port of the server at the same time, such as legendary login 7000 Port, thousands of people at the same time designated to log in to this port will cause congestion.

服务器的攻击方式有很多,如果没有这方面的知识建议先学习下网络这方面,前期准备工作,漏洞收集,扫描,路由及网关分析,然后有网络编程以达到渗透的作用以至被攻击的机器瘫换,这种是具备专业知识的,一般的就是用工具了攻击,比如用工具发大量数据包,造成拒绝服务器攻击,SYN 同步攻击,总的来说都要找到目标。友情提示:那就是 慎行!

There are many ways to attack the server. If you don’t have this knowledge, you should first learn about the network, preparatory work, vulnerability collection, scanning, routing and gateway analysis, and then have network programming to achieve penetration and even collapse of the attacked machine. This kind of attack has professional knowledge. Generally, you use tools to attack. For example, use tools to send a large amount of data Packet, causing denial of server attack, syn synchronization attack, in general to find the target. Friendship tip: that is caution!

重新发送攻击

Resend attack

重新发送攻击就是指黑客收集特定的 IP 数据包篡改其数据,然后再将这些 IP 数据包一一重新发送,从而欺骗接收数据的目标计算机,实现攻击,破坏云服务器安全。

Resend attack means that hackers collect specific IP packets to tamper with their data, and then resend these IP packets one by one, so as to cheat the target computer receiving the data, realize the attack and destroy the security of the cloud server.

对协议弱点攻击

Attack on protocol weakness

在局域网中,IP 地址的源路径选项允许 IP 数据包自己选择一条通往目标计算机的路径。当黑客试图连接位于防火墙后面的一台不可达到的计算机 X 时,他只需要在送出的请求报文中设置 IP 地址源路径选项,使得报文的某一个目的地址指向防火墙,但是最终地址却指向计算机 X。

In LAN, the source path option of IP address allows IP packets to choose a path to the target computer by themselves. When the hacker tries to connect an unreachable computer x behind the firewall, he only needs to set the IP address source path option in the sent request message, so that a certain destination address of the message points to the firewall, but the final address points to the computer X.

当报文到达防火墙时被允许通过,因为它指向的是防火墙而不是计算机 X。防火墙的 IP 层处理该报文的源路径被改变,并发送到内部网上,报文就这样到达了不可到达的计算机 X,从而实现了针对信息协议弱点攻击。

Packets are allowed to pass when they reach the firewall, because it points to the firewall instead of computer X. The IP layer of the firewall processes that the source path of the message is changed and sent to the intranet, so that the message reaches the unreachable computer x, thus realizing the vulnerability attack against the information protocol.

数据驱动攻击

Data driven attack

数据驱动攻击是指黑客向目标计算机发送或复制的表面上看来无害的特殊程序,被执行时所发起的攻击。该攻击可以让黑客在目标计算机上修改与网络安全有关的文件,从而使黑客在下一次更容易入侵该目标云主机。数据驱动攻击主要包括缓冲区溢出攻击、格式化字符串攻击、输入验证攻击、同步漏洞攻击、信任漏洞攻击等。

Data-driven attack refers to the attack launched when a hacker sends or copies a seemingly harmless special program to the target computer and is executed. The attack can allow hackers to modify files related to network security on the target computer, so that hackers are more likely to invade the target virtual machine in the next time. Data driven attacks mainly include buffer overflow attack, format string attack, input verification attack, synchronization vulnerability attack, trust vulnerability attack, etc.

伪造信息进攻

Forgery attack

伪造信息进攻就是指黑客通过发送到伪造的路由器信息,构造源计算机和目标计算机之间的虚报途径,从而获取这些数据包中的银行账户密码等个人敏感信息。

The attack of forgery information refers to that hackers construct a false report path between the source computer and the target computer by sending the forgery router information, so as to obtain the bank account password and other personal sensitive information in these packets.

除了要对黑客攻击手段有所认识,我们也要对这些手段提前进行防御,这样才能够保护我们的云服务器,让它们能够正常运作。

In addition to the knowledge of hacker attacks, we also need to defend these means in advance, so as to protect our cloud servers and make them operate normally.

在拒绝服务攻击下,攻击者向 Web 资源注入的请求超出了服务器可以处理的数量,从而导致其性能下降或整个系统崩溃。下面我们来了解几种不同的攻击类型,以便更好地进行 ddos 防御。

Under the denial of service attack, the attacker injected more requests into the web resource than the server could handle, resulting in its performance degradation or the whole system crash. Let’s learn about several different types of attacks to better defend against DDoS.

体量攻击

Volume attack

当攻击者为每个打开的端口发送大量错误请求时,将其识别为体量攻击。体量攻击主要有两种,即 UDP 泛洪和 ICMP 泛洪。

When an attacker sends a large number of error requests for each open port, it is identified as a volume attack. There are two kinds of volume attacks: UDP flooding and ICMP flooding.

应用程序层攻击

Application layer attack

针对用户交互应用程序的 Web 流量的攻击称为应用程序层攻击。它主要干扰 HTTP / HTTPS、DNS 或 SMTP 协议。黑客意识到,面向基础架构的方法比破坏应用程序上的网络流量的破坏力小。

An attack on the web traffic of a user interacting application is called an application layer attack. It mainly interferes with HTTP / HTTPS, DNS or SMTP protocol. Hackers realize that an infrastructure oriented approach is less disruptive than breaking network traffic on an application.

协议攻击

Protocol attack

以网络的选定部分为目标时,它们被视为协议攻击。攻击者有意发送速度慢且格式错误的 ping,这会占用大量内存,同时尝试验证传入的 ping。

When targeting selected parts of the network, they are considered protocol attacks. The attacker intentionally sends a slow and malformed Ping, which takes up a lot of memory and attempts to verify the incoming Ping.

爆发式攻击

Explosive attack

爆发攻击会造成干扰几秒钟,并以随机间隔重复一次。它的频率和持续时间不断变化,使其成为无法预测的攻击形式。为了减轻这些攻击,企业需要等到下一波冲击来临,必须成功实施攻击才能缓解攻击。防御者需要收集所需的情报并实时设置过滤器。

The burst attack causes interference for a few seconds and repeats at random intervals. Its frequency and duration are constantly changing, making it an unpredictable form of attack. In order to mitigate these attacks, enterprises need to wait until the next wave of shocks comes, and they must successfully implement the attacks to mitigate the attacks. Defenders need to gather the intelligence they need and set up filters in real time.


速搜资源网 , 版权所有丨如未注明 , 均为原创丨转载请注明原文链接:【速搜问答】如何攻击云服务器
喜欢 (0)
[361009623@qq.com]
分享 (0)
发表我的评论
取消评论
表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址