DDOS attack ! - Firewalls



Thread: DDOS attack !

  1. DDOS attack !

    Geeeesh ... my server, running MS IIS, just got DDOS attacked and
    died. Dunno who launched it yet.

    And trying to fix the mess, and in the meantime, these are the stuffs
    I found online --

    Utility like Hardenit (http://sniffem.exaserve.net/Hardenit.exe), and
    registry hack at http://utilities4life.blogspot.com/2...anti-ddos.html

    Have some questions ---

    A. Are the utility/registry hack the above links provided effective
    against DDOS ?

    B. What other things that I can use to beef up my server? Any
    suggestion?

    Thanks a million !!!

  2. Re: DDOS attack !

    On Sun, 02 Nov 2008 01:51:56 -0700, Penang wrote:


    > A. Are the utility/registry hack the above links provided effective
    > against DDOS ?


    I don't think so; it depends on how the attack worked. Analyze the logfiles
    and find out why the server crashed.

    > B. What other things that I can use to beef up my server? Any
    > suggestion?


    It depends on your network infrastructure and how the attack works. If you
    can see specific patterns, you could redirect or filter traffic in some
    cases.
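
Added example (not part of any post in this thread): one way to do the log analysis suggested in reply 2, as a Python parser for IIS W3C extended logs that reports clients whose per-minute request rate spikes and the URL they hit most. The sample log, its documentation-range IP addresses and the threshold of 5 requests per minute are constructed for illustration.

```python
from collections import Counter, defaultdict

FIELDS = "#Fields: date time c-ip cs-method cs-uri-stem sc-status time-taken"

def build_sample():
    """Constructed IIS W3C extended log (documentation IPs, invented requests)."""
    row = "2008-11-02 08:{m:02d}:{s:02d} {ip} GET {uri} 200 {ms}"
    lines = ["#Software: Microsoft Internet Information Services 6.0", FIELDS]
    lines += [row.format(m=41, s=s, ip="203.0.113.9", uri="/search.aspx", ms=4100)
              for s in range(8)]
    lines += [row.format(m=41, s=10 + s, ip="192.0.2.44", uri="/search.aspx", ms=3900)
              for s in range(6)]
    lines.append(row.format(m=40, s=5, ip="198.51.100.7", uri="/default.aspx", ms=120))
    lines.append(row.format(m=42, s=30, ip="198.51.100.7", uri="/about.htm", ms=95))
    lines.append("2008-11-02 08:42:31 198.51")  # truncated last row, as after a crash
    return "\n".join(lines)

def parse_w3c(text):
    """Yield one dict per request, taking column names from the #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column order can change mid-file
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):     # drop truncated or malformed rows
                yield dict(zip(fields, values))

def summarize(text, per_minute_threshold=5):
    """Return clients whose busiest minute reaches the threshold, busiest first."""
    minutes, uris = defaultdict(Counter), defaultdict(Counter)
    for r in parse_w3c(text):
        minutes[r["c-ip"]][f'{r["date"]} {r["time"][:5]}'] += 1
        uris[r["c-ip"]][r["cs-uri-stem"]] += 1
    report = []
    for ip, per_minute in minutes.items():
        peak_minute, peak = per_minute.most_common(1)[0]
        if peak >= per_minute_threshold:
            report.append({"ip": ip, "peak_minute": peak_minute, "peak": peak,
                           "top_uri": uris[ip].most_common(1)[0][0]})
    return sorted(report, key=lambda e: e["peak"], reverse=True)

if __name__ == "__main__":
    for entry in summarize(build_sample()):
        print(entry)
```

A concentration of requests on one URL from a few addresses is the kind of pattern that can be filtered; if the logs show nothing unusual, the cause is more likely below the HTTP layer and the web server logs will not explain it.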

  3. Re: DDOS attack !

    On Nov 2, 12:51 am, Penang wrote:
    > Geeeesh ... my server, running MS IIS, just got DDOS attacked and
    > died. Dunno who launch it yet.
    >
    > And trying to fix the mess, and in the meantime, these are the stuffs
    > I found online --
    >
    > Utility like Hardenit (http://sniffem.exaserve.net/Hardenit.exe), and
    > registry hack at http://utilities4life.blogspot.com/2007/08/how-to-make-your-computer-...
    >
    > Have some questions ---
    >
    > A. Are the utility/registry hack the above links provided effective
    > against DDOS ?
    >
    > B. What other things that I can use to beef up my server? Any
    > suggestion?
    >
    > Thanks a million !!!



    It all depends on the exploit that the DDoS takes advantage of.

    Using a traffic jam as analogy:
    road = network pipe (more lanes == more bandwidth)
    cars = request/response
    point A and B along the road represent the web client and web server
    being accessed via the network connection

    DDoS can:
    1. Send so many cars along the road between points A and B that your
    car cannot traverse between them. In this case, you have to use
    Networking Equipment to filter out the bad traffic, clear out the cars
    on the road so that you can get between points A and B
    2. Send cars which slow down around points A and B, thus blocking you
    from reaching them. This may be exploiting bugs in the OS, which is
    considered a DDoS vulnerability and needs to be patched. There *may*
    be registry changes that can mitigate the vulnerability. It all
    depends on the bug

    Thus, there aren't any utilities or registry hacks that make your
    computer effectively deal with DDoS. There are no tools or
    instructions which you can run to make yourself immune from DDoS. #1
    is always possible and unavoidable with the Internet. #2 requires
    constant vigilance to update server software as vulnerabilities are
    found.


    //David
    http://w3-4u.blogspot.com
    http://blogs.msdn.com/David.Wang
    //

  4. Re: DDOS attack !

    In comp.security.firewalls David Wang wrote:
    > It all depends on the exploit that the DDoS takes advantage of.
    >
    > Using a traffic jam as analogy:
    > road = network pipe (more lanes == more bandwidth)
    > cars = request/response
    > point A and B along the road represent the web client and web server
    > being accessed via the network connection
    >
    > DDoS can:
    > 1. Send so many cars along the road between points A and B that your
    > car cannot traverse between them. In this case, you have to use
    > Networking Equipment to filter out the bad traffic, clear out the cars
    > on the road so that you can get between points A and B
    > 2. Send cars which slow down around points A and B, thus blocking you
    > from reaching them. This may be exploiting bugs in the OS, which is
    > considered a DDoS vulnerability and needs to be patched. There *may*
    > be registry changes that can mitigate the vulnerability. It all
    > depends on the bug
    >
    > Thus, there aren't any utilities or registry hacks that make your
    > computer effectively deal with DDoS. There are no tools or
    > instructions which you can run to make yourself immune from DDoS. #1
    > is always possible and unavoidable with the Internet. #2 requires
    > constant vigilance to update server software as vulnerabilities are
    > found.


    Not entirely true. While it's correct that bandwidth exhaustion can only
    be handled upstream, there are of course other types of DDoS (e.g. SYN
    flooding) that can very well be handled at your end. And although
    patching known bugs is the best way to deal with DoS conditions in
    services, there are other ways to mitigate this kind of threat, namely
    application level gateways (like mod_security for the Apache web
    server).

    Braindead X-post removed, f'up2csf.

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

  5. I hate mosquitoes...



    "Penang" wrote in message
    news:b171d12d-dfdd-41c1-a5c3-693563e480f7@t39g2000prh.googlegroups.com...
    > Geeeesh ... my server, running MS IIS, just got DDOS attacked and
    > died. Dunno who launch it yet.
    >
    > And trying to fix the mess, and in the meantime, these are the stuffs
    > I found online --
    >
    > Utility like Hardenit (http://sniffem.exaserve.net/Hardenit.exe), and
    > registry hack at
    > http://utilities4life.blogspot.com/2...anti-ddos.html
    >
    > Have some questions ---
    >
    > A. Are the utility/registry hack the above links provided effective
    > against DDOS ?
    >
    > B. What other things that I can use to beef up my server? Any
    > suggestion?
    >
    > Thanks a million !!!


    Seriously, i hate them ... i hate mosquitoes.
    M O S Q U I T O E S ... i hate them

