Snort mailing list archives
Is this a Denial of Service (DOS) attack on the Internet Information Services (IIS) Web Server?
From: Turritopsis Dohrnii Teo En Ming <turritopsis.dohrnii () teo-en-ming com>
Date: Thu, 1 Nov 2018 10:26:21 +0000
Good evening from Singapore, The IT company I am working in has a customer/client in the shipping industry. They are running Windows Server with Internet Information Services 6.0 web server. Since 13 October 2018, their IIS web server logs have grown extremely huge (465 Gigabytes to-date) and completely filled up the entire C:\ drive, leaving it without any free space. Nobody can access any web application now. Is this characteristic or symptom of a Denial of Service (DOS) attack? Should I advise the client to turn on Intrusion Prevention System (IPS) and Flood Protection and enable Geo-IP Filter and Botnet Filter at the firewall/network security appliance level to mitigate DOS attacks? Please advise. Thank you very much. 1st November 2018 Thursday 6:25 PM Singapore Time GMT+8 ===BEGIN SIGNATURE=== Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 30 Oct 2017 [1] https://tdtemcerts.wordpress.com/ [2] http://tdtemcerts.blogspot.sg/ [3] https://www.scribd.com/user/270125049/Teo-En-Ming ===END SIGNATURE=== _______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Is this a Denial of Service (DOS) attack on the Internet Information Services (IIS) Web Server? Turritopsis Dohrnii Teo En Ming (Nov 01)
- Re: Is this a Denial of Service (DOS) attack on the Internet Information Services (IIS) Web Server? wkitty42--- via Snort-users (Nov 01)