What happens when a server is attacked?

This depends on the service provided by your server, and the attack will be different depending on the service provided.

If the server is attacked early, the commonly used DDoS and CC attacks will generally show that the packet drop is serious, and the access will either not be opened. The server is difficult to remotely, the remote connection to the desktop is very stuck, or the remote desktop is black after entering.

Some users can barely connect to the remote desktop, but the operation is difficult, the CPU is at 100%, the memory usage is also high, and the server is paralyzed. It is recommended to upgrade the Trace Service Guesser defense, or change the IP, of course, if it is a vicious attack, it is useless to change the IP. It's best to improve your defense and switch to a high-proof server.

Haiteng Data has asked you the answer.

1.System vulnerabilities: vulnerabilities in the server operating system or software, and attackers exploit these vulnerabilities to gain system privileges.

2.Weak password: The password of the server is too simple or not updated in time, and the attacker obtains system permissions through brute-force cracking or other means.

3.Spam or malware: Servers are attacked through spam or malware, and attackers plant viruses or inject ** into network services;

4.Social worker attack: The attacker obtains administrator or user privileges by disguising a specific identity.

5.DDoS attacks: Distributed denial-of-service attacks are used by attackers to occupy server resources and render servers unable to function properly.

In order to prevent the server from being attacked, the following points should be done:

1.Regularly update the system and patch vulnerabilities; Empty.

2.Use strong passwords and change them regularly;

3.Install spam filtering software and malware detection software;

4.Strengthen security awareness training for employees to avoid attacks by social workers;

5.Deploy security protection equipment, such as firewalls and intrusion detection systems.

If the server is attacked, it depends on what kind of attack the mountain is leaking, if it is a DDOS attack, it means that it may be targeted by others, it may be a competitor, and it is recommended to use a high-defense cloud server.

A: Why was the server attacked?

People often ask what to do if a server is attacked? In fact, this problem is more common, many webmasters will encounter such problems when running, now the network environment is more complex, more vulnerable to hackers and viruses, many ** security protection is not done, will suffer losses. Next, Xinnet will tell you why the server was attacked?

1. Why is the server attacked?

Servers in the Internet will inevitably be attacked, ** is more common, the main reasons for the server to be attacked are generally as follows.

1. Vicious competition.

Due to the ubiquitous competition, the Internet environment is getting worse and worse, some attack methods are emerging in an endless stream, and the frequency of malicious attacks is also higher. Attacks from other competitors in the same industry bring down your servers and compete for users to do business with them.

2. Network hacking.

Hackers in Internet servers specialize in maliciously attacking other people's servers, and they often take advantage of the vulnerabilities in the user's server program, the software level is low, and it is easy to be exploited to launch malicious DDoS attacks.

3. Special industries.

Server users in special industries, such as finance, e-commerce, banking, etc., hacker servers to obtain data or seek profits. Games**, chess and cards**, but also include enterprises**, entertainment**, shopping**, etc. All kinds of cyber attacks have caused the collapse of the company, the forced shutdown of the server or even the downtime, and the loss of profits of the operator.

If the server is attacked, you can send me a private message!

What should I do if I am attacked and cannot be accessed? What should I do if my server keeps being attacked? How can I protect my server from attacks?

There are two common types of attacks. One is CCOne is DDOS

If it's ddosThe computer room must have hard defense to defend, which must require sufficient bandwidth to solve the leakage, and CDN for shunting and cleaning.

If it's ccThe data center technology will adjust the policy in time according to the type of attack, and the CDN service can pass through the policy first. Very effective against CC attacks.

Protect against server attacks:

1. First of all, the server must disable the administrator;

2. System upgrades, OS patches, especially patches, sqlsp3a patches, and even patches should be played. At the same time, keep track of the latest vulnerability patches of Zengame;

3. Start the built-in Internet connection firewall of the system, and check the web server in the service settings.

4. Prohibiting the response to ICMP routing announcement packets;

5. Disable workstations in the service;

6. Prevent IUSR users from elevating privileges;

7. Prevent SQL injection.

Of course, if a hacker or an adversary wants to stare at you, it is also a very fatal thing, the attacker will consume costs, and the defender will also need to spend a lot of money to solve the defense problem.

Summary. It is necessary to regularly scan the existing network master nodes to check for possible security vulnerabilities and clean up new vulnerabilities in a timely manner. The backbone computers are the best locations for hackers to exploit because of their high bandwidth, so it is important to strengthen host security for these hosts themselves.

And the servers connected to the network master nodes make it all the more important to scan for vulnerabilities regularly.

Configure a firewall on the backbone node.

The firewall itself protects against DDoS attacks and several other attacks. When an attack is found, the attack can be directed to some sacrificial hosts, which can protect the real host from being attacked. Of course, these sacrificial hosts can choose unimportant systems, or Linux and UNIX with few vulnerabilities and inherently excellent protection against attacks.

What to do if your server is attacked.

It is necessary to regularly scan the existing network master nodes to check for possible security vulnerabilities and clean up new vulnerabilities in a timely manner. The backbone computers are the best locations for hackers to exploit because of their high bandwidth, so it is important to strengthen host security for these hosts themselves. And the servers connected to the network master nodes make it all the more important to scan for vulnerabilities regularly.

Configure a firewall on the backbone node, and the firewall itself can defend against DDoS attacks and other attacks. When an attack is found, the attack can be directed to some sacrificial hosts, which can protect the real host from being attacked. Of course, these sacrificial hosts can choose unimportant systems, or Linux and UNIX with few vulnerabilities and inherently excellent protection against attacks.

Filter for unnecessary services and portsFilter for unnecessary services and ports, i.e., filter fake IP ...... on your routerOnly opening service ports has become a popular practice for many servers, such as www servers, which only open 80 and close all other ports or block policies on firewalls. To find the source of an attack, you need to analyze the system logs or login log files to find out suspicious information and analyze suspicious programs based on your own experience and comprehensive judgment ability. To analyze the causes and ways of invention, we must find out the specific causes and ways of the attack, which may be caused by various reasons such as system vulnerabilities or program vulnerabilities.