阿里云DDoS高防适用于众安保险 阿里行业吗?

来源:蜘蛛抓取(WebSpider) 时间:2018-06-09 22:05 标签: 阿里保险
阿里云DDOS高防 - 访问与攻击日志实时分析(一)
阿里云DDOS高防 - 访问与攻击日志实时分析(一)
阿里云DDOS高防IP的网站访问日志(包含CC攻击日志)目前已经与日志服务打通,提供实时分析与报表中心的功能。
DDOS攻击趋势
互联网界的安全一直都不断的面临着挑战,以ddos攻击为代表的网络威胁直接对网络安全产生严重的影响。
Ddos攻击正在朝着大规模、移动化、全球化的方向发展. 据近年来的调查报告显示,ddos攻击的频率呈现出增长的趋势。黑客攻击的隐蔽性强,能够控制大量的安全措施差的云服务商和IDC甚至发起攻击,其攻击已经形成了成熟的黑色产业链,并且越来越有组织化。
同时,攻击的方式向两极化发展,慢速攻击、混合攻击尤其是占比不断增大,这给检测防御造成更大的难度。一方面,超过1TB的攻击峰值屡见不鲜()、100G攻击次数成倍增长,另一方面,应用层攻击也在大幅度翻倍(参考)
根据,中国依然主要的DDOS攻击源和目标(50%左右). 主要被攻击的行业是互联网(超过50%)、游戏、软件公司、金融等(参考)。
阿里云DDOS高防IP
阿里云云盾DDoS高防IP是针对互联网服务器(包括非阿里云主机)在遭受大流量的DDoS攻击后导致服务不可用的情况下,推出的付费增值服务,用户可以通过配置高防IP,将攻击流量引流到高防IP,确保源站的稳定可靠。
云盾高防产品目前在全世界多个国家都建设了大容量的清洗中心,整体清洗能力在2T以上,2014年,云盾高防IP防御了全球最大的一次DDoS攻击453.8Gbps。
阿里云日志服务
阿里云的日志服务(log service)是针对日志类数据的一站式服务,无需开发就能快捷完成海量日志数据的采集、消费、投递以及查询分析等功能,提升运维、运营效率。日志服务主要包括 实时采集与消费、数据投递、查询与实时分析 等功能。
阿里云DDOS高防访问与攻击日志实时分析概述
根据,超过80%DDOS攻击会混合HTTP攻击,而CC攻击尤其隐蔽,因此通过日志对访问和攻击行为进行即时分析研究、附加防护策略就显得尤其重要。
目前,的网站访问日志(包含CC攻击日志)目前已经与打通,提供实时分析与报表中心的功能。
目前内测阶段,6月份即将发布
对日志存储有合规需求的大型企业与机构,如金融公司、政府类机构等。
需要实时了解DDOS高防整体状况,并对关键业务的DDOS中CC攻击进行深入分析与防护的企业,如金融类、电商类和游戏类企业等。
发布功能:
轻松配置,即可实时高防日志采集。
依托日志服务,提供实时日志分析,并提供开箱机用的报表中心(支持定制),对数据库执行状况、性能、潜在安全问题了如指掌,并可实时挖掘细节。
免费提供3天的日志存储、查询与实时分析,并可自由扩展存储时间,以便合规、溯源、备案等。支持不限时间的存储,。
支持基于特定指标,支持定制准实时监测与报警,确保关键业务异常及时响应。
可对接其他生态如流计算、云存储、可视化方案,进一步挖掘数据价值。
与AWS Shield方案在日志分析方面的比较:
开通日志服务。
开通DDOS服务,购买实例,并。
正式发布后, 在DDOS控制台简单操作即可打开特定网站的日志.
开通配置后即可使用自带的实时分析功能与报表中心.
场景一: 实时网站访问异常排查与问题分析,读写延时,各运营商分布等
查看DDOS访问日志的SQL:
__topic__: ddos_access_log
场景二: CC攻击者分布与来源追踪,溯源并辅助应对策略等
查看CC攻击者的国家分布的SQL:
__topic__: ddos_access_log and cc_blocks & 0| SELECT ip_to_country(if(real_client_ip='-', remote_addr, real_client_ip)) as country, count(1) as "攻击次数" group by country
场景三: 整体访问监控程度,运维可靠性指标一目了然
查看PV的SQL:
__topic__: ddos_access_log
| select count(1) as PV
场景四: 运营分析,网站受欢迎程度,被哪些渠道使用,客户端分布等
查看来自各个网络运营商的访问者的流量分布的SQL:
__topic__: ddos_access_log
| select ip_to_provider(if(real_client_ip='-', remote_addr, real_client_ip)) as provider, round(sum(request_length)/4.0, 3) as mb_in group by provider having ip_to_provider(if(real_client_ip='-', remote_addr, real_client_ip)) && '' order by mb_in desc limit 10
固定为ddos_access_log
body_bytes_sent
请求发送Body的大小(字节)
content_type
application/x-www-form-urlencoded
api.zhihu.com
http_cookie
请求cookie
k1=v1;k2=v2
http_referer
请求referer
http_user_agent
请求User Agent
Dalvik/2.1.0 (L U; Android 7.0; EDI-AL10 Build/HUAWEIEDISON-AL10)
http_x_forwarded_for
通过代理跳转IP
可能值:true、false
matched_host
匹配的配置的源站(可能是泛域名)
*.zhihu.com
未匹配则为-
real_client_ip
访问客户的真实IP
获取不到时为-
BGP、电信、联通等
remote_addr
请求连接的客户端IP
remote_port
请求连接的客户端端口号
request_length
请求长度(字节)
request_method
请求的HTTP方法
request_time_msec
请求时间(微秒)
request_uri
/answers//banner
server_name
匹配到的host名
api.abc.com
没有匹配到则为default
T16:03:59+08:00
CC防护策略行为
可能的值: none、challenge、pass、close、captcha、wait、login、n等
表示CC防护是否阻止
1-阻止,其他表示通过
CC防护策略
server_ip_blacklist
可能的值:seccookie、server_ip_blacklist、static_whitelist、 server_header_blacklist、server_cookie_blacklist、server_args_blacklist、qps_overmax等
ua_browser
ua_browser_family
浏览器系列
internet explorer
ua_browser_type
浏览器类型
web_browser
ua_browser_version
浏览器版本
ua_device_type
客户端设备类型
客户端操作系统
ua_os_family
upstream_addr
回源地址列表
1.2.3.4:443
IP:Port,多个地址用逗号分隔
upstream_ip
实际回源地址IP
upstream_response_time
回源响应时间(秒)
upstream_status
回源请求HTTP状态
我们会介绍更多关于如何配置并使用DDOS高防访问日志对网站运营、访问和安全状况进行详细分析的内容,敬请期待。
用云栖社区APP,舒服~
【云栖快讯】《阿里巴巴Java开发手册》(详尽版)已经上线!您的Java学好了吗?如果没有,那就赶紧加入学习吧!&&
针对互联网服务器(包括非阿里云主机)在遭受大流量的DDoS攻击后导致服务不可用的情况下,推出...
飞天发布会第8期:智能选址解决方案数加&大数据分析及展现
数加&大数据应用
管理与监控
阿里云办公
培训与认证
域名与网站(万网)
数加&人工智能
数加&大数据基础服务
互联网中间件
开发者工具
&&&&&&&&&访问高防端口不通排查
访问高防端口不通排查
更新时间: 09:49:33
注意:本文档适用于端口访问一直不通的场景。如果您的三线高防网络链路(BGP、电信和联通)同时出现问题,请参考 。
问题描述针对单一运营商(比如电信)或单一地域(比如兰州),用户在访问对应的高防节点时无法访问,但访问另外一个节点就正常了。
问题分析遇到此类问题时,需要收集基础信息,首先确认问题影响范围,然后获取全面的诊断信息,进行分析定位和相应处理。
排查思路参照以下步骤进行排查。
确保没有跨运营商访问。
获取以下基础信息:客户端IP、运营商信息、无法访问的端口。
获取以下全面诊断信息:
ping 测试结果截图端口 telnet 测试结果截图具体的报错信息全屏截图端口路由跟踪,无法 ping 时,
如果结和以上信息,仍没有定位出问题,您需要在服务端以及客户端 。
根据上述信息定位出问题后,联系相关部门进行处理。
案例分享问题描述接到某高防用户反馈,A省x市电信用户,在访问高防节点的80端口时出现异常,但是访问443端口是正常的。
分析/获取以下基础信息:
A省的x市电信用户 高防节点80端口:问题范围明确。访问443端口是正常的:说明整个链路是通的,只是个别端口有问题。联系最终用户,获取具体的IP地址是:x.x.x.x联系最终用户,获取 ping\telnet\ 报错的结果。联系最终用户,获取端口跟踪正常与不正常的结果对比。
定位问题。根据上述最后一条信息,端口跟踪路由在x市的网络出口处中断。
问题处理。联系运营商处理。由于客户端市级运营商安全策略调整导致问题,调整后恢复。
本文导读目录
以上内容是否对您有帮助?
更新不及时
缺少代码/图片示例
太简单/步骤待完善
更新不及时
缺少代码/图片示例
太简单/步骤待完善
感谢您的打分,是否有意见建议想告诉我们?
感谢您的反馈,反馈我们已经收到通用解决方案
行业解决方案
企业服务解决方案
安全解决方案
大数据解决方案
DevOps解决方案
ET行业大脑
人工智能解决方案
机器算法平台
ET大脑生态
数据分析与展现
大数据应用
大数据基础服务
天池AI生态
安全解决方案
安全服务 · 先知
建议与反馈
技术与赋能
售前咨询 95187转1
[{"name":"noesc"},{"name":"haveecs"},{"name":"haverds"},{"name":"moren"},{"name":"memberpoints"}]
[{"customer_type":[{"0":"false","1":"false","tce_rule_count":"1"}],"go_to_aboad_demand_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"isGcLevel12":"false","isGcLevel3":"false","lost_risk_score":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_tech_strength":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"association":"not_effective","aliyun_site_activity_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"main_browse_prd":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"longTailUser":"false","result":"noesc","user_dentity_des":[{"技术/运维":"false","技术部副负责人":"false","其它":"false","高级架构师":"false","tce_rule_count":"1","平台工程师":"false","站长":"false","CEO":"false","CEO (法人)":"false","项目负责人":"false","技术负责人":"false","财务负责人":"false","股东":"false","技术运维负责人":"false","运维负责人":"false","技术人员":"false"}],"new_user_ecs_buy_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"aliyun_prd_retain":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"prob_cal_level_churn":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_level_yun":[{"tce_rule_count":"1","V0":"false","V1":"false","V2":"false","V3":"false","V4":"false"},{"tce_rule_count":"1","V0":"false","V1":"false","V2":"false","V3":"false","V4":"false"}],"user_level":[{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"},{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"},{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"}],"user_cat_level1":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"is_ecs_retain":"0","user_cat_name_level1":[{"网站":"false","其它":"false","通讯社交":"false","tce_rule_count":"1","o2o":"false","金融":"false","IT与软件开发":"false","能源/交通运输/生产制造":"false","移动APP":"false","教育":"false","音视频":"false","医疗健康":"false","政府/事业单位":"false","游戏":"false","物联网":"false","电子商务":"false","旅游":"false"}],"interested_prd":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"ecs_res_use_stage":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}]},{"customer_type":[{"0":"false","1":"false","tce_rule_count":"1"}],"go_to_aboad_demand_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"isGcLevel12":"false","isGcLevel3":"false","is_rds_retain":"1","lost_risk_score":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_tech_strength":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"association":"not_effective","aliyun_site_activity_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"main_browse_prd":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"longTailUser":"false","result":"haverds","user_dentity_des":[{"技术/运维":"false","技术部副负责人":"false","其它":"false","高级架构师":"false","tce_rule_count":"1","平台工程师":"false","站长":"false","CEO":"false","CEO (法人)":"false","项目负责人":"false","技术负责人":"false","财务负责人":"false","股东":"false","技术运维负责人":"false","运维负责人":"false","技术人员":"false"}],"new_user_ecs_buy_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"aliyun_prd_retain":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"prob_cal_level_churn":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_level_yun":[{"tce_rule_count":"1","V0":"false","V1":"false","V2":"false","V3":"false","V4":"false"}],"user_level":[{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"},{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"}],"user_cat_level1":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_cat_name_level1":[{"网站":"false","其它":"false","通讯社交":"false","tce_rule_count":"1","o2o":"false","金融":"false","IT与软件开发":"false","能源/交通运输/生产制造":"false","移动APP":"false","教育":"false","音视频":"false","医疗健康":"false","政府/事业单位":"false","游戏":"false","物联网":"false","电子商务":"false","旅游":"false"}],"interested_prd":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"ecs_res_use_stage":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}]},{"result":"haveecs","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","is_ecs_retain":"1","longTailUser":"false"},{"result":"moren","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","reg_days":"999999","longTailUser":"false"},{"result":"memberpoints","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","longTailUser":"false"},{"result":"caigouji","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","user_level":[],"user_cat_level1":[{"0":"true","1":"true","2":"true","tce_rule_count":"1"}],"longTailUser":"false"},{"result":"inactiverecall","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","member_rights":"FY_riskandlost_Maraccess","longTailUser":"false"}]
售前咨询热线
支持与服务
资源和社区
关注阿里云
International[{"name":"noesc"},{"name":"haveecs"},{"name":"haverds"},{"name":"moren"},{"name":"memberpoints"}]
[{"customer_type":[{"0":"false","1":"false","tce_rule_count":"1"}],"go_to_aboad_demand_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"isGcLevel12":"false","isGcLevel3":"false","lost_risk_score":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_tech_strength":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"association":"not_effective","aliyun_site_activity_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"main_browse_prd":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"longTailUser":"false","result":"noesc","user_dentity_des":[{"技术/运维":"false","技术部副负责人":"false","其它":"false","高级架构师":"false","tce_rule_count":"1","平台工程师":"false","站长":"false","CEO":"false","CEO (法人)":"false","项目负责人":"false","技术负责人":"false","财务负责人":"false","股东":"false","技术运维负责人":"false","运维负责人":"false","技术人员":"false"}],"new_user_ecs_buy_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"aliyun_prd_retain":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"prob_cal_level_churn":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_level_yun":[{"tce_rule_count":"1","V0":"false","V1":"false","V2":"false","V3":"false","V4":"false"},{"tce_rule_count":"1","V0":"false","V1":"false","V2":"false","V3":"false","V4":"false"}],"user_level":[{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"},{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"},{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"}],"user_cat_level1":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"is_ecs_retain":"0","user_cat_name_level1":[{"网站":"false","其它":"false","通讯社交":"false","tce_rule_count":"1","o2o":"false","金融":"false","IT与软件开发":"false","能源/交通运输/生产制造":"false","移动APP":"false","教育":"false","音视频":"false","医疗健康":"false","政府/事业单位":"false","游戏":"false","物联网":"false","电子商务":"false","旅游":"false"}],"interested_prd":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"ecs_res_use_stage":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}]},{"customer_type":[{"0":"false","1":"false","tce_rule_count":"1"}],"go_to_aboad_demand_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"isGcLevel12":"false","isGcLevel3":"false","is_rds_retain":"1","lost_risk_score":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_tech_strength":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"association":"not_effective","aliyun_site_activity_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"main_browse_prd":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"longTailUser":"false","result":"haverds","user_dentity_des":[{"技术/运维":"false","技术部副负责人":"false","其它":"false","高级架构师":"false","tce_rule_count":"1","平台工程师":"false","站长":"false","CEO":"false","CEO (法人)":"false","项目负责人":"false","技术负责人":"false","财务负责人":"false","股东":"false","技术运维负责人":"false","运维负责人":"false","技术人员":"false"}],"new_user_ecs_buy_level":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"aliyun_prd_retain":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"prob_cal_level_churn":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_level_yun":[{"tce_rule_count":"1","V0":"false","V1":"false","V2":"false","V3":"false","V4":"false"}],"user_level":[{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"},{"L0":"false","L1":"false","L2":"false","L3":"false","tce_rule_count":"1","L4":"false"}],"user_cat_level1":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}],"user_cat_name_level1":[{"网站":"false","其它":"false","通讯社交":"false","tce_rule_count":"1","o2o":"false","金融":"false","IT与软件开发":"false","能源/交通运输/生产制造":"false","移动APP":"false","教育":"false","音视频":"false","医疗健康":"false","政府/事业单位":"false","游戏":"false","物联网":"false","电子商务":"false","旅游":"false"}],"interested_prd":[{"rds":"false","ecs":"false","mail":"false","vm":"false","domain":"false","tce_rule_count":"1","slb":"false","cdn":"false","oss":"false"}],"ecs_res_use_stage":[{"0":"false","1":"false","2":"false","tce_rule_count":"1"}]},{"result":"haveecs","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","is_ecs_retain":"1","longTailUser":"false"},{"result":"moren","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","reg_days":"999999","longTailUser":"false"},{"result":"memberpoints","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","longTailUser":"false"},{"result":"caigouji","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","user_level":[],"user_cat_level1":[{"0":"true","1":"true","2":"true","tce_rule_count":"1"}],"longTailUser":"false"},{"result":"inactiverecall","isGcLevel12":"false","isGcLevel3":"false","association":"not_effective","member_rights":"FY_riskandlost_Maraccess","longTailUser":"false"}]
通用解决方案
行业解决方案
企业服务解决方案
安全解决方案
大数据解决方案
DevOps解决方案
ET行业大脑
人工智能解决方案
机器算法平台
ET大脑生态
数据分析与展现
大数据应用
大数据基础服务
天池AI生态
安全解决方案
安全服务 · 先知
建议与反馈
技术与赋能
售前咨询 95187转1
下载阿里云APP
灵活管控,快速上云
DDoS高防IP
精心打造的功能
领军客户实战场景
游戏直播-触手手游
金融保险-太平洋保险
新零售-银泰
媒体娱乐-新浪微博
教育-学而思
政府-人民网
通过修改DNS域名解析,高防IP将替代源站服务器IP对外提供在线互联网业务,所有业务流量都将牵引至高防IP上进行清洗,干净流量回注给源站服务器。源站服务器始终隐藏在DDoS高防后面,攻击者无法直接对源站服务器发起DDoS攻击,无法影响互联网在线业务的可用性。
清洗带宽大
最高支持1T的清洗带宽能力
防护效果好
业界领先防护算法,每天抵御DDoS攻击3000+
智能调度稳
各线路按最优策略调度,高可用性有保障
强而有力的后盾
简单灵活的管控
高防IP价格介绍
高防IP基本功能介绍
高防ip接入基本概念
高防IP网站业务配置
高防IP非网站接入
文档与工具
售前咨询热线
支持与服务
资源和社区
关注阿里云
International
下载阿里云APP
灵活管控,快速上云阿里云ECS服务器被DDoS无解,请问我该何去何从? - 知乎304被浏览<strong class="NumberBoard-itemValue" title="9分享邀请回答0添加评论分享收藏感谢收起

我要回帖

更多关于 阿里保险 的文章

 

随机推荐