Security Incidents mailing list archives
Re: DOS ATTACK
From: "Micheal Patterson" <micheal () cancercare net>
Date: Tue, 29 Oct 2002 01:20:29 -0600
There is something else that can possibly be done to keep the server itself from overloading.. Under IIS's properties for the web site, there is an otion to limit the number of concurrent connections. If your friend can determine the actual number of hits that he normally gets, and it's lower than what he's getting now, drop the concurrent connection limit under the "Web Site" tab of the site in question to something more realistic. It defaults to Unlimited as I recall. This won't keep the pipe from filling up, but it should help keep the server from killing itself. In the meantime, collect any evidence that you have regarding the source site causing the attack and report them. -- Micheal Patterson Network Administration Cancer Care Network ----- Original Message ----- From: "Hunt, Jim" <Jim.Hunt () nwsc k12 in us> To: <Incidents () securityfocus com> Sent: Sunday, October 27, 2002 10:59 PM Subject: DOS ATTACK
I have a friend that has a DOS Attack going on against their website. It
is being done by someone with a very popular website trying to squash a little guy. He is doing it be placing 1 pixel by 1 pixel inline frames in his webpages and having them load my friends webpage. It is killing his server and bandwidth.
What can we do to block? The Server is W2K with IIS. Thanks!
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- DOS ATTACK Hunt, Jim (Oct 28)
- Re: DOS ATTACK james (Oct 28)
- Re: DOS ATTACK Alex Lambert (Oct 28)
- RE: DOS ATTACK Jonathan A. Zdziarski (Oct 28)
- Re: DOS ATTACK Hugo van der Kooij (Oct 28)
- Re: DOS ATTACK Blake Girardot (Oct 28)
- RE: DOS ATTACK Jonathan A. Zdziarski (Oct 29)
- Re: DOS ATTACK Micheal Patterson (Oct 29)
- Re: DOS ATTACK Gary Flynn (Oct 30)
- Re: DOS ATTACK Kurt Seifried (Oct 31)
- Re: DOS ATTACK Jay D. Dyson (Oct 31)
- Re: DOS ATTACK Gary Flynn (Oct 31)
- Re: DOS ATTACK Gary Flynn (Oct 30)
- Re: DOS ATTACK Richard Archer (Oct 29)
- <Possible follow-ups>
- RE: DOS ATTACK David Vincent (Oct 28)
- RE: DOS ATTACK McCammon, Keith (Oct 28)
- RE: DOS ATTACK Rob Keown (Oct 28)
- RE: DOS ATTACK Muhammad Faisal Rauf Danka (Oct 28)
- RE: DOS ATTACK Black, Braden (Oct 29)
(Thread continues...)
- Re: DOS ATTACK james (Oct 28)