 |
|
 |
|
|
1. ½ÇÁ¦IP ¶Ç´Â IPº¯Á¶ ÈÄ ´Ù·®ÀÇ Syn ÆÐŶÀ» °ø°Ý ´ë»ó ¼¹ö·Î Àü¼Û |
|
2. ´Ù·®ÀÇ ACK/SYN+ACK/FIN/RST µîÀÇ ÆÐŶÀ» °ø°Ý ´ë»ó ¼¹ö·Î Àü¼Û |
|
3. °ø°Ý ¹ÞÀº ¼¹ö´Â ´Ù¼öÀÇ SYN_RECEIVED, ESTABLISHED ¼¼¼Ç »óÅ°¡ ¹ß»ý |
|
4. ¼¹öÀÇ CPU ¹× Connection ÀÚ¿øÀÇ °í°¥À» À¯¹ß |
|
5. ÀϺΠ³×Æ®¿öÅ© Àåºñ ¹× ¼¹öÀÇ CPU »ç¿ë·®ÀÌ ¿Ã¶ó°¡´Â µî ¿ÀÀÛµ¿ ¹ß»ý °¡´É |
|
|
| Ç׸ñ |
|
³»¿ë |
| ÇÁ·ÎÅäÄÝ |
|
TCP |
|
| °ø°ÝÁö¿ª |
|
±¹³»/±¹¿Ü |
|
| IPº¯Á¶ |
|
½ÇÁ¦IP ¹× º¯Á¶IP |
|
| °ø°ÝÀ¯Çü |
|
1Gbyte ~ 2Gbyte, ¼ö½Ê¸¸~¼ö¹é¸¸ PPS |
|
| °ø°ÝÈ¿°ú |
|
³×Æ®¿öÅ© Àåºñ, º¸¾ÈÀåºñ, ¼¹ö µîÀÇ ºÎÇÏ ¹ß»ý |
|
| °ø°ÝÇÇÇØ |
|
°ø°Ý ´ë»ó ½Ã½ºÅÛ ¶Ç´Â µ¿ÀÏ ³×Æ®¿öÅ©¿¡¼ »ç¿ë ÁßÀÎ ¸ðµç ½Ã½ºÅÛ |
|
|
|
|
 |
|
|
1. Á¤»óÀûÀÎ 3 way handshake ÈÄ ·Î±×ÀÎ ¹× »óÇ° Á¶È¸¿Í °°Àº ¿äû ¹Ýº¹ Àü¼Û |
|
2. À¥¼¹ö ¹× DB ¼¹öÀÇ CPU ¹× Connection ÀÚ¿øÀÇ °í°¥À» À¯¹ß |
|
|
| Ç׸ñ |
|
³»¿ë |
| ÇÁ·ÎÅäÄÝ |
|
HTTP |
|
| °ø°ÝÁö¿ª |
|
±¹³»/±¹¿Ü |
|
| IPº¯Á¶ |
|
½ÇÁ¦IP |
|
| °ø°ÝÀ¯Çü |
|
µ¿ÀÏ URL Á¢¼Ó ½Ãµµ |
|
| °ø°ÝÈ¿°ú |
|
À¥¼¹ö ºÎÇÏ ¹ß»ý |
|
| °ø°ÝÇÇÇØ |
|
°ø°Ý ´ë»ó ½Ã½ºÅÛ |
|
|
|
|
 |
|
|
1. 20Gbyte~30Gbyte Á¤µµÀÇ Å« ÆÐŶÀ» °ø°Ý ´ë»ó ¼¹ö(³×Æ®¿öÅ©)·Î Àü¼Û ³×Æ®¿öÅ© ȸ¼± ´ë¿ªÆø °í°¥ |
|
2. °ø°Ý ´ë»ó ¼¹ö¿Í °°Àº ³×Æ®¿öÅ©¿¡¼ ¿î¿µ ÁßÀÎ ¸ðµç ¼¹öÀÇ Á¢¼Ó Àå¾Ö À¯¹ß |
|
|
| Ç׸ñ |
|
³»¿ë |
| ÇÁ·ÎÅäÄÝ |
|
UDP/ICMP |
|
| °ø°ÝÁö¿ª |
|
±¹³» |
|
| IPº¯Á¶ |
|
½ÇÁ¦IP ¹× º¯Á¶IP |
|
| °ø°ÝÀ¯Çü |
|
20Gbyte ~ 30Gbyte, ¼ö½Ê¸¸ PPS |
|
| °ø°ÝÈ¿°ú |
|
ȸ¼± ´ë¿ªÆø °í°¥ |
|
| °ø°ÝÇÇÇØ |
|
µ¿ÀÏ ³×Æ®¿öÅ©¿¡¼ »ç¿ëÁßÀÎ ¸ðµç ½Ã½ºÅÛ |
|
|
|
|
 |
|
|
1. °èÃø±â °ø°Ý |
|
¿¹) ½º¸¶Æ®ºñÆ® : ÃÊ´ç 300¸¸ PPS ÀÌ»ó ¹ß»ý |
|
|
2. Slow TCP Connection Flooding °ø°Ý |
|
¿¹) ´Ù¼öÀÇ PC¿¡¼ ÃÊ´ç 10 Connection ÀÌÇÏ |
|
|
3. http¸¦ ÀÌ¿ëÇÑ °ø°Ý |
|
¿¹) °ø°Ý ´ë»ó »çÀÌÆ® ºÐ¼®À» ÅëÇÑ URL, ÆĶó¹ÌÅÍ º¯Á¶ |
|
|
4. ±âº» DDOS °ø°Ý ±â¼úÀÇ ÀÀ¿ë |
|
¿¹) Àß ¾Ë·ÁÁø IP·Î Source IP º¯Á¶ |
|
|
 |
|
|
 |
|
|
º¿(Bot) : ¿î¿µÃ¼Á¦ Ãë¾àÁ¡, ºñ¹Ð¹øÈ£ Ãë¾à¼º, ¿ú, ¹ÙÀÌ·¯½ºÀÇ ¹éµµ¾î µîÀ» ÀÌ¿ëÇÏ¿© ÀüÆĵǸç, ¸í·É Àü´Þ»çÀÌÆ®¿ÍÀÇ ¹éµµ¾î ¿¬°áµîÀ»
ÅëÇÏ¿© ½ºÆÔ¸ÞÀÏ Àü¼ÛÀ̳ª DDOS°ø°Ý¿¡ ¾Ç¿ë °¡´ÉÇÑ ÇÁ·Î±×·¥ ¶Ç´Â ½ÇÇà °¡´ÉÇÑ ÄÚµå |
|
