If you can't read please download the document
Upload
highload-2009
View
671
Download
1
Embed Size (px)
Citation preview
2.
3. HTTP 4. : Reverse Turing Test 5. Tempesta/Frang 6. Tempesta: Kernel HTTP Accelerator 7. Frang: DDoS 8. DDoS
9. 10. 11. ,
12. IPN: DNS redirect/BGP/GRE (Prolexic) 13. , ISP etc. 14.
15. Sockstress (Full Connection Flood)
16. ( O(n)!) 17. 18. Virtual Hosting ? - ,
19. KillBots (Reverse Turing Test, kernel based) 20. : NetProtect, MULTOPS 21. HTTP Reverse proxy
22. Apache, Nginx, Varnish etc. 23. DDoS => TCP handshake GET / HTTP/1.1 Host: somehost.net
24. 25. IPtables/Netfilter: + strings + 26. ...
27. DDoS: 28. ...Reverse Turing Test!
Home www.securityfocus.com News (crypto) http://www.securityfocus.com/brief/784 Vulnerabilities http://www.securityfocus.com/vulnerabilities Blogs (PET Awards) http://www.securityfocus.com/blogs/962 p=0,7 t_min=0.3, t_max=650 Mt=120, Dt=50 p=0,7 t_min=2, t_max=300 Mt=100, Dt=75 p=0,3 t_min=1, t_max=750 Mt=80, Dt=25 p=0,3 t_min=1, t_max=750 Mt=80, Dt=25 29. Tempesta/Frang
30. AI Frang FreeBSD kernel Tempesta Kernel Module Frang Kernel Module User space 31. Tempesta HTTP accelerator
32. + event-driven (event = interrupt) 33. + X86-64 MMU 34. Frang: DDoS prev. module
35. ( ) 36. (D[X] ) 37. QoS ( ) 38. Frang
39. HTTP 40. (1) Leased lines Layer-4 Load Balancers HTTP Accelerators HTTP Servers Internet DSR 41. (2)
42. Direct Server Return (?) 43. HTTP
44. (bash.org.ru): QoS 45. : , ; 46. = , =>QoS 47. ! ? [email_address]