何謂DDoS攻擊?|What is DDoS Attack?

我相信各位Steemain 近來最熱列的話題肯定是最近Steemit受到的DDoS 攻擊，以致網站連不上，所以不能發帖，也不能看帖，更不能按讚了。而以我本人的感覺而言，Steemit大概也因為這個原因，所以我覺得網站一直也不太穏定，我大概有3到4次是有一段時間完全連不上Steemit了。而當大家都在說DDoS 攻擊的時候，到底你對DDoS的認識又有多少呢?所以，小弟想要開這個帖子，為大家簡單的介紹一下何謂DDoS攻擊。

I believe that every Strrmain most recently hot topic must be the recently DDoS attack against the Steemit. There are cases that we cannot connect to the website, and we cannot post our article, cannot read others article, cannot upvote. For my case, I feel that maybe because of this, the website is kind of not stable recently, and I experienced few times that I cannot connect to Steemit. And when most of us taling about DDoS attack, actually what is DDoS attack? And that’s why I would like to make this post to give you a very brief introduction on what DDoS attack is.

首先DDoS 攻擊是什麼?DDoS攻擊的英語全寫是Distributed Denial-of-Service attack. 中文的釋名為分散式阻斷服務攻擊，又叫洪水攻擊。簡單而言，就是使用網絡上兩台或以上的電腦向網絡上特定的目標發重拒絶服務式的攻擊，使目標的網絡或系統資源耗盡，從而使其服務暫時中斷。

First of all, the full name of DDoS attack is “Distributed Denial-of-Service attack”. It is a cyber-attack that the hackers use numerous computers or devices to make a target machine or network resource unavailable to its users by temporarily disrupting services of a host connected to the Internet.

首先，大家要理解網絡上數據的傳送是以封包的形式進行。電腦會把你要傳送的資訊，分開成不同的網路封包來傳送給目標電腦。然後目標電腦就會收集你所有傳送過來的網路封包，然後再組成你原本傳送過來的資訊。不過要是目標電腦在同一時間有太多的網路封包要處理的話會怎樣呢?

First, we have to understand that the data transfer in the network is in the form of network packet. The computer will divide your message into different network packet and transfer to the target computer. And once the target computer receives your network packet, it will start to build it back to your transferred message. However, how if there are too many packet need to handle?

大家可以想像一下一間銀行，原本有10個櫃枱，可以迅速的處理100個客人的事情，要是有200個客人呢?可能要等多一點的時間，不過銀行還是能夠運作，提供足夠的服務。可是，如果背後有一個大壞蛋，他同時派了10,000個人來銀行要求提款的話，大家可以想像到會發生什麼事情嗎? 對的，第一件事情就是通往銀行的道路被迫爆了，人們都進不了去。第二件事情就是銀行的運作會馬上被崩潰，服務會馬上停止了。

Let’s imagine a bank, it have 10 counters, which could serve 100 clients. If there are 200 clients, it should still be fine, we just have to wait a bit longer, but the bank can still operate. However, what if a bad guy who control 10,000 people to withdraw at the bank at the same time? Yes, I bet you can imagine it. The first thing is the road to reach the bank would be jammed. The second thing is the operation of the bank will be down, and the bank cannot provide service anymore.

而DDoS 攻擊的原理也是一樣，黑客在背後可能會有很多台電腦，什至可能會有成千上萬的所謂殭屍電腦。他們就用這些龐大的電腦群來對目標網站不停的進行“訪問”(訪問的方式可以有很多，包括SYN flood、LAND attack、ping of death…在這裏我就不詳述了)，以致網站的網絡跟伺服器的資源承受不了如此大規模的運作需求，最後網站的服務就被逼停頓了。

And they theory of DDoS is more or less the same. Hackers control a lot of computers in the dark, actually they may even control ten thousands of the so called Zombie computers. And the hackers would use those huge amount of computers to perform “visit” to the target website (there are a lot of different forms of visit, including SYN flood, LAND attack, ping of death… but I am not planning to explain too much here), which leads the target website’s network and server’s resources cannot bear such huge amount of operation request. And finally the web service was forced to be down.

當然，如果我們要真正了解DDoS攻擊的話，我們需要更深入的討論，但希望這個帖子能夠給大家關於DDoS攻擊的基本認識。還有，更重要的是希望大家首先要避免自己成為DDoS攻擊的一份子，即是避免自己的電腦成為彊屍電腦的一份子。如何做到? 安裝防毒軟件永遠是第一步！

Of course, if we want to truly understand what DDoS is, we have to discuss so much more. But I hope this article will provide you a brief concept of the DDoS attack. And what’s more important is, don’t let yourself to become part of the DDoS attack, that means don’t let your computer become one of the Zombie computer. How? Install anti-virus is the first step!

---

Thanks for reading, I hope you enjoy it!
And please follow me and see my other post if you like it: @victorier

感謝你的閱讀，希望你會喜歡!
如果你覺得不錯的話請你追蹤我，也可以看我其他的文章: @victorier