What is CC attack? How to defend effectively?

Time:2020-1-24

CC attack is actually a kind of DDoS attack. Its principle is that the attacker controls some hosts to send a large number of packets to each other’s servers continuously, which causes the server resource to be exhausted, until it goes down and crashes. This kind of attack is generally not very high traffic, but it is very destructive, which directly leads to the system service hanging up and unable to service normally. CC attack is one of the most common attack types of hackers because of its quick effect, low cost and hard to trace.
What is CC attack? How to defend effectively?

CC attacks mainly include the following types:

1. Direct attack

Mainly for web applications with important defects, this situation is relatively rare, and generally only appears when the program is written in error.

2. Agent attack

Proxy attack is a kind of attack that hackers use proxy server to generate legitimate Web page requests to the victim host, to achieve dos and camouflage. An attacker simulates multiple users accessing pages that require a lot of data operations and CPU time.

3. Botnet attack

Attackers spread the “zombie program” (the “backdoor virus” detected by tinder) through various ways. Then, when the user infects and activates the virus, the attacker can control the computer and issue various remote commands. Finally, as more and more computers are infected, a huge “botnet” is formed.  
What is CC attack? How to defend effectively?

How to defend against CC attack?

1. Do a good job in maintaining the website program and the server itself.Make the website as a static page as much as possible, do a good job in server Vulnerability prevention and server permission setting. It is better to take the database and program out of the root directory separately, and put them in when it needs to be updated and used, which can also effectively prevent CC attacks, but this operation is more cumbersome.

2. Hide your server IP and change the DNS of the website.You can access security guard or cloud acceleration, ping your own website domain name will not display your website IP, but also effectively avoid DDoS and CC attacks. But after all, it’s a free product, with a traffic limit, and sometimes it may fail. It can only prevent general CC attacks.

3. Access to advanced defense services.It is suggested to choose the advanced defense service of mozerdun, which has strong defense capability and stable circuit, can effectively prevent CC attack and effectively avoid the huge risk of corporate network being attacked by CC.