Krizhanovsky Ddos

  • 1. HTTP DDoS

2.

  • DDoS

3. HTTP 4. : Reverse Turing Test 5. Tempesta/Frang 6. Tempesta: Kernel HTTP Accelerator 7. Frang: DDoS 8. DDoS

9. 10. 11. ,

  • Anycast (Akamai, OpenDNS etc.)

12. IPN: DNS redirect/BGP/GRE (Prolexic) 13. , ISP etc. 14.

  • SYN-Flood

15. Sockstress (Full Connection Flood)

  • SYN Cookies, SYN/RST/FIN rate

16. ( O(n)!) 17. 18. Virtual Hosting ? - ,

  • etc.

19. KillBots (Reverse Turing Test, kernel based) 20. : NetProtect, MULTOPS 21. HTTP Reverse proxy

  • Kernel based: OpenKeta, TUX, kHTTPd

22. Apache, Nginx, Varnish etc. 23. DDoS => TCP handshake GET / HTTP/1.1 Host: somehost.net

24. 25. IPtables/Netfilter: + strings + 26. ...

  • ,

27. DDoS: 28. ...Reverse Turing Test!

  • , ?

Home www.securityfocus.com News (crypto) http://www.securityfocus.com/brief/784 Vulnerabilities http://www.securityfocus.com/vulnerabilities Blogs (PET Awards) http://www.securityfocus.com/blogs/962 p=0,7 t_min=0.3, t_max=650 Mt=120, Dt=50 p=0,7 t_min=2, t_max=300 Mt=100, Dt=75 p=0,3 t_min=1, t_max=750 Mt=80, Dt=25 p=0,3 t_min=1, t_max=750 Mt=80, Dt=25 29. Tempesta/Frang

  • HTTP Tempesta

30. AI Frang FreeBSD kernel Tempesta Kernel Module Frang Kernel Module User space 31. Tempesta HTTP accelerator

  • kernel-based

32. + event-driven (event = interrupt) 33. + X86-64 MMU 34. Frang: DDoS prev. module

  • : 2XX ,

35. ( ) 36. (D[X] ) 37. QoS ( ) 38. Frang

39. HTTP 40. (1) Leased lines Layer-4 Load Balancers HTTP Accelerators HTTP Servers Internet DSR 41. (2)

  • HTTP sessions aware Layer-4 Load Balancer

42. Direct Server Return (?) 43. HTTP

  • , ( )

44. (bash.org.ru): QoS 45. : , ; 46. = , =>QoS 47. ! ? [email_address]