Solution and Prevention Measures
You can take measures to defend against UDP amplification attacks based on service requirements. The following provides some recommended protection measures for your reference.
- Pay attention to the latest security advisories and bulletins released by security vendors, and implement targeted protection policies against such attacks in a timely manner.
- Use firewalls to control access to the UDP ports of ECSs.
- Configure security groups to control access to UDP ports. For details, see Configuring Security Group Rules.
- Configure local IP addresses, disable external access, disable the UDP protocol, and enable login authentication.
- Adjust some parameters and restart the server to disable UDP.
- Create a profile of normal packet sizes based historical data, so you can easily detect overly small or overly large packets that may be part of the attack traffic.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.