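Game servers have become the hardest-hit target of DDoS attacks

The rapid growth of the game industry has also made it a prime target for attackers. Why is the game industry a focus of DDoS attacks? The reasons and the main attack methods are summarized below:

1. Attacking the game industry is cheap; the attack-to-defense cost ratio is 1:N. As DDoS tactics grow more complex and the number of attack points keeps rising, basic static protection policies no longer work well. Being easy to attack and hard to defend makes the game industry a fat target in attackers' eyes.

2. Games have a short life cycle. According to the game industry DDoS situation report for the first half of 2017, 90% of game services go completely offline within 2-3 days of being attacked, and a game company's daily losses can reach several million yuan. Attackers reckon that game companies, to avoid even greater losses, are relatively more willing to pay "protection money".

3. The game industry has higher continuity requirements and needs to stay online 7*24*365. According to the same report, when an attack lasts more than 2-3 days the player count typically drops from tens of thousands to a few hundred. Players decide whether a game lives or dies, and losing them leaves a game on the verge of death.

4. The game industry is booming and competition between peers is fierce, which leads to a good deal of malicious competition. This is also one of the reasons the number of DDoS attacks on the game industry has surged.

The main DDoS attack methods currently used against the game industry are the following: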
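
SYN/ACK Flood attack

This is the classic and most effective DDoS method and works against network services on all kinds of systems. It sends the victim host a large volume of SYN or ACK packets with forged source IPs and source ports, so that the host's buffer resources are exhausted or it is kept busy sending replies, resulting in denial of service. Because the sources are forged, tracing is difficult. The drawback is that it is somewhat hard to carry out and needs high-bandwidth zombie hosts. A small amount of this traffic makes the server unreachable even though it still answers Ping; running Netstat -na on the server shows a large number of connections in the SYN_RECEIVED state. A large amount causes Ping to fail and the TCP/IP stack to stop working, and the system freezes, no longer responding to keyboard and mouse. Most ordinary firewalls cannot withstand this attack.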
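
TCP full-connection attack

This attack is designed to get past the checks of conventional firewalls. Conventional firewalls can usually filter DoS attacks such as TearDrop and Land, but they let normal TCP connections through. Many network service programs (for example IIS, Apache and other Web servers) can accept only a limited number of TCP connections; once there are a large number of connections, even legitimate ones, the site becomes very slow or unreachable. A TCP full-connection attack uses many zombie hosts to keep establishing large numbers of TCP connections to the victim server until its memory and other resources are exhausted and it is brought down, causing denial of service. Its characteristic is that it bypasses ordinary firewall protection. Its drawbacks are that it requires many zombie hosts and that, because the zombie hosts' IPs are exposed, it is easy to trace.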
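
The two symptoms described above (many half-open SYN_RECEIVED rows for the SYN flood, many established connections held by individual sources for the full-connection attack) can be read off `netstat -na` output. The following is an added example, not part of the original article; the thresholds, function names and sample rows are assumptions constructed for illustration, and it accepts both the Windows state name SYN_RECEIVED and the Linux name SYN_RECV.

```python
from collections import Counter, defaultdict

HALF_OPEN = {"SYN_RECV", "SYN_RECEIVED"}  # Linux and Windows state names

def parse(text):
    """Yield (local_port, remote_ip, state) for each TCP row of `netstat -na`."""
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or not f[0].lower().startswith("tcp"):
            continue  # header, UDP or blank line
        local, remote, state = f[-3], f[-2], f[-1].upper()
        yield local.rsplit(":", 1)[1], remote.rsplit(":", 1)[0], state

def assess(text, half_open_limit=5, per_source_limit=5):
    """Return findings per local port; both limits are illustrative assumptions."""
    half_open, sources = Counter(), defaultdict(set)
    established = defaultdict(Counter)
    for port, ip, state in parse(text):
        if state in HALF_OPEN:
            half_open[port] += 1
            sources[port].add(ip)
        elif state == "ESTABLISHED":
            established[port][ip] += 1
    findings = []
    for port, n in half_open.items():
        if n >= half_open_limit:  # backlog filling with handshakes that never complete
            findings.append(("syn_flood_suspected", port, n, len(sources[port])))
    for port, per_ip in established.items():
        heavy = sorted(ip for ip, n in per_ip.items() if n >= per_source_limit)
        if heavy:  # real (traceable) sources holding many completed connections
            findings.append(("full_connection_suspected", port,
                             sum(per_ip.values()), heavy))
    return findings

def sample():
    """Constructed netstat output using documentation-range addresses."""
    rows = ["Proto Recv-Q Send-Q Local Address Foreign Address State",
            "tcp 0 0 0.0.0.0:7000 0.0.0.0:* LISTEN"]
    rows += [f"tcp 0 0 192.0.2.10:7000 198.51.100.{i}:4{i:04d} SYN_RECV"
             for i in range(1, 8)]
    rows.append("  TCP    192.0.2.10:7000    198.51.100.8:40008    SYN_RECEIVED")
    rows += [f"tcp 0 0 192.0.2.10:80 203.0.113.5:5{i:04d} ESTABLISHED"
             for i in range(6)]
    rows.append("tcp 0 0 192.0.2.10:80 203.0.113.9:50100 ESTABLISHED")
    return "\n".join(rows)

if __name__ == "__main__":
    for finding in assess(sample()):
        print(finding)
```

In the half-open finding the last field is the number of distinct source addresses; a count close to the row count is consistent with the forged sources the article describes, so per-source blocking will not help there.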
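
Script-flooding attack

This attack targets website systems that run ASP, JSP, PHP, CGI or similar script programs and call databases such as MSSQLServer, MySQLServer or Oracle. Its signature is that it establishes normal TCP connections to the server and keeps submitting queries, listings and other calls to the script programs that consume a lot of database resources. In general, submitting one GET or POST costs the client almost nothing in resources and bandwidth, while the server, to handle that request, may have to find one record among tens of thousands, which is expensive. Common database servers can rarely execute several hundred queries at the same time, yet issuing that many is trivial for a client. The attacker therefore only needs to submit large numbers of queries to the server through Proxy servers, and within a few minutes the server's resources are used up and service is denied. Typical symptoms are a site that is as slow as a snail, ASP programs that stop working, PHP failing to connect to the database, and the main database process using a high share of CPU. The characteristic of this attack is that it completely bypasses ordinary firewall protection and can be carried out simply by finding some Proxy servers. Its drawbacks are that it is much less effective against sites with only static pages, and that some Proxy servers expose the attacker's IP address.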
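
A detection sketch for the script-flooding pattern above, as an added example that is not part of the original article: it counts requests to dynamic script URLs in a sliding window and groups them by the origin a proxy reveals. The record layout, the `X-Forwarded-For` field, thresholds and sample data are assumptions constructed for illustration, and a client-supplied `X-Forwarded-For` value can be forged, so treat it as a hint rather than proof.

```python
from collections import defaultdict, deque

DYNAMIC = (".asp", ".jsp", ".php", ".cgi")  # script types named in the article

def is_dynamic(path):
    """True when the URL path (query string ignored) ends in a script extension."""
    return path.split("?", 1)[0].lower().endswith(DYNAMIC)

def detect(records, window=10, limit=20):
    """records: time-ordered (epoch_seconds, peer_ip, xff_or_None, path) tuples.

    Returns {origin: set_of_peer_ips} for every origin that sent more than
    `limit` dynamic-script requests within `window` seconds. The origin is the
    first X-Forwarded-For entry when a proxy supplied one, else the peer IP.
    """
    recent = defaultdict(deque)
    flagged = {}
    for ts, peer, xff, path in records:
        if not is_dynamic(path):
            continue  # static content costs the database nothing
        origin = xff.split(",")[0].strip() if xff else peer
        q = recent[origin]
        q.append((ts, peer))
        while q and q[0][0] <= ts - window:
            q.popleft()  # drop requests that fell out of the window
        if len(q) > limit:
            flagged.setdefault(origin, set()).update(p for _, p in q)
    return flagged

def sample_records():
    """Constructed records: one origin spread over three proxies, one normal client."""
    attack = [(1000 + i // 10, f"198.51.100.{i % 3 + 1}", "203.0.113.77",
               f"/search.php?q={i}") for i in range(30)]
    normal = [(1000 + i, "192.0.2.50", None, p) for i, p in enumerate(
        ["/index.html", "/list.php?page=1", "/logo.png", "/list.php?page=2"])]
    return sorted(attack + normal, key=lambda r: r[0])

if __name__ == "__main__":
    for origin, peers in detect(sample_records()).items():
        print(origin, sorted(peers))
```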