DDOS attack ! - Firewalls
-
DDOS attack !
Geeeesh ... my server, running MS IIS, just got DDOS attacked and
died. Dunno who launched it yet.
And trying to fix the mess, and in the meantime, this is the stuff
I found online --
Utility like Hardenit (http://sniffem.exaserve.net/Hardenit.exe), and
registry hack at http://utilities4life.blogspot.com/2...anti-ddos.html
Have some questions ---
A. Are the utility/registry hack the above links provided effective
against DDOS ?
B. What other things can I use to beef up my server? Any
suggestions?
Thanks a million !!!
-
Re: DDOS attack !
On Sun, 02 Nov 2008 01:51:56 -0700, Penang wrote:
> A. Are the utility/registry hack the above links provided effective
> against DDOS ?
I don't think so; it depends on how the attack worked. Analyze the logfiles and
find out why the server crashed.
> B. What other things can I use to beef up my server? Any
> suggestions?
It depends on your network infrastructure and how the attack works; if you
can see specific patterns you could redirect or filter traffic in some
cases.
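The log review suggested in the reply above, as an added example that is not part of the original post: it reads IIS W3C extended log lines and reports clients whose request rate in any short window exceeds a limit, with the URI they hit most. The sample log, the field selection, the addresses and the window and limit values are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime

EPOCH = datetime(1970, 1, 1)

# Constructed sample in IIS W3C extended log format (not data from the thread).
SAMPLE_LOG = "\n".join(
    ["#Software: Microsoft Internet Information Services 6.0",
     "#Fields: date time c-ip cs-method cs-uri-stem sc-status time-taken",
     "2008-11-02 08:40:01 198.51.100.7 GET /default.aspx 200 120",
     "2008-11-02 08:40:03 198.51.100.9 GET /images/logo.gif 200 15"]
    + [f"2008-11-02 08:40:{s:02d} 203.0.113.50 GET /search.aspx 503 9000"
       for s in range(10, 20)]
)

def parse_w3c(text):
    """Yield one dict per request, using the #Fields directive as the schema."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and len(line.split()) == len(fields):
            yield dict(zip(fields, line.split()))  # truncated lines are skipped

def noisy_clients(text, window_s=10, max_per_window=5):
    """Return {client_ip: stats} for clients above max_per_window in any window."""
    windows = defaultdict(Counter)   # ip -> {window index -> request count}
    uris = defaultdict(Counter)      # ip -> {uri -> request count}
    errors = Counter()               # ip -> number of 5xx responses
    for req in parse_w3c(text):
        ts = datetime.strptime(f"{req['date']} {req['time']}", "%Y-%m-%d %H:%M:%S")
        ip = req["c-ip"]
        windows[ip][int((ts - EPOCH).total_seconds()) // window_s] += 1
        uris[ip][req["cs-uri-stem"]] += 1
        errors[ip] += req["sc-status"].startswith("5")
    report = {}
    for ip, per_window in windows.items():
        peak = max(per_window.values())
        if peak > max_per_window:
            report[ip] = {"peak": peak, "total": sum(per_window.values()),
                          "top_uri": uris[ip].most_common(1)[0][0],
                          "errors_5xx": errors[ip]}
    return report

if __name__ == "__main__":
    for ip, stats in noisy_clients(SAMPLE_LOG).items():
        print(ip, stats)
```

A client list like this only helps when the traffic reaches the web server and is logged; if the pipe itself is saturated, the pattern has to be identified and filtered upstream.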
-
Re: DDOS attack !
On Nov 2, 12:51 am, Penang wrote:
> Geeeesh ... my server, running MS IIS, just got DDOS attacked and
> died. Dunno who launched it yet.
>
> And trying to fix the mess, and in the meantime, this is the stuff
> I found online --
>
> Utility like Hardenit (http://sniffem.exaserve.net/Hardenit.exe), and
> registry hack at http://utilities4life.blogspot.com/2007/08/how-to-make-your-computer-...
>
> Have some questions ---
>
> A. Are the utility/registry hack the above links provided effective
> against DDOS ?
>
> B. What other things can I use to beef up my server? Any
> suggestions?
>
> Thanks a million !!!
It all depends on the exploit that the DDoS takes advantage of.
Using a traffic jam as analogy:
road = network pipe (more lanes == more bandwidth)
cars = request/response
point A and B along the road represent the web client and web server
being accessed via the network connection
DDoS can:
1. Send so many cars along the road between points A and B that your
car cannot traverse between them. In this case, you have to use
Networking Equipment to filter out the bad traffic, clear out the cars
on the road so that you can get between points A and B
2. Send cars which slow down around points A and B, thus blocking you
from reaching them. This may be exploiting bugs in the OS, which is
considered a DDoS vulnerability and needs to be patched. There *may*
be registry changes that can mitigate the vulnerability. It all
depends on the bug
Thus, there aren't any utilities or registry hacks that make your
computer effectively deal with DDoS. There are no tools or
instructions which you can run to make yourself immune from DDoS. #1
is always possible and unavoidable with the Internet. #2 requires
constant vigilance to update server software as vulnerabilities are
found.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
-
Re: DDOS attack !
In comp.security.firewalls David Wang wrote:
> It all depends on the exploit that the DDoS takes advantage of.
>
> Using a traffic jam as analogy:
> road = network pipe (more lanes == more bandwidth)
> cars = request/response
> point A and B along the road represent the web client and web server
> being accessed via the network connection
>
> DDoS can:
> 1. Send so many cars along the road between points A and B that your
> car cannot traverse between them. In this case, you have to use
> Networking Equipment to filter out the bad traffic, clear out the cars
> on the road so that you can get between points A and B
> 2. Send cars which slow down around points A and B, thus blocking you
> from reaching them. This may be exploiting bugs in the OS, which is
> considered a DDoS vulnerability and needs to be patched. There *may*
> be registry changes that can mitigate the vulnerability. It all
> depends on the bug
>
> Thus, there aren't any utilities or registry hacks that make your
> computer effectively deal with DDoS. There are no tools or
> instructions which you can run to make yourself immune from DDoS. #1
> is always possible and unavoidable with the Internet. #2 requires
> constant vigilance to update server software as vulnerabilities are
> found.
Not entirely true. While it's correct that bandwidth exhaustion can only
be handled upstream, there are of course other types of DDoS (e.g. SYN
flooding) that can very well be handled at your end. And although
patching known bugs is the best way to deal with DoS conditions in
services, there are other ways to mitigate this kind of threat, namely
application level gateways (like mod_security for the Apache web
server).
Braindead X-post removed, f'up2csf.
cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
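A way to confirm the SYN-flooding case named in the reply above before tuning anything, as an added example that is not part of the original post: it parses Windows `netstat -an` output and reports listening ports where half-open (SYN_RECEIVED) connections pile up. The sample output, the addresses and the threshold of 25 are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample in the Windows `netstat -an` layout (not data from the thread).
SAMPLE_NETSTAT = "\n".join(
    ["Active Connections",
     "",
     "  Proto  Local Address          Foreign Address        State",
     "  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING",
     "  TCP    192.0.2.10:80          198.51.100.7:51000     ESTABLISHED",
     "  TCP    192.0.2.10:3389        198.51.100.9:49200     ESTABLISHED",
     "  UDP    0.0.0.0:161            *:*"]
    + [f"  TCP    192.0.2.10:80          203.0.113.{i}:{40000 + i}     SYN_RECEIVED"
       for i in range(1, 41)]
)

def half_open_by_port(text):
    """Count half-open and established TCP connections per local port."""
    stats = defaultdict(lambda: {"half_open": 0, "established": 0, "sources": set()})
    for line in text.splitlines():
        parts = line.split()
        # TCP rows have four columns; headers and UDP rows are skipped.
        if len(parts) != 4 or parts[0].upper() != "TCP":
            continue
        _, local, remote, state = parts
        port = int(local.rsplit(":", 1)[1])   # rsplit also copes with [::]:80
        if state == "SYN_RECEIVED":
            stats[port]["half_open"] += 1
            stats[port]["sources"].add(remote.rsplit(":", 1)[0])
        elif state == "ESTABLISHED":
            stats[port]["established"] += 1
    return stats

def syn_flood_suspects(text, min_half_open=25):
    """Return {port: (half_open, distinct_sources)} where half-open dominates."""
    suspects = {}
    for port, s in half_open_by_port(text).items():
        if s["half_open"] >= min_half_open and s["half_open"] > s["established"]:
            suspects[port] = (s["half_open"], len(s["sources"]))
    return suspects

if __name__ == "__main__":
    for port, (half_open, sources) in syn_flood_suspects(SAMPLE_NETSTAT).items():
        print(f"port {port}: {half_open} half-open from {sources} sources")
```

Many half-open entries from many distinct sources, each appearing once, is the usual picture when source addresses are spoofed, so per-address blocking does little in that case.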
-
I hate mosquitoes...
"Penang" wrote in message
news:b171d12d-dfdd-41c1-a5c3-693563e480f7@t39g2000prh.googlegroups.com...
> Geeeesh ... my server, running MS IIS, just got DDOS attacked and
> died. Dunno who launched it yet.
>
> And trying to fix the mess, and in the meantime, this is the stuff
> I found online --
>
> Utility like Hardenit (http://sniffem.exaserve.net/Hardenit.exe), and
> registry hack at
> http://utilities4life.blogspot.com/2...anti-ddos.html
>
> Have some questions ---
>
> A. Are the utility/registry hack the above links provided effective
> against DDOS ?
>
> B. What other things can I use to beef up my server? Any
> suggestions?
>
> Thanks a million !!!
Seriously, I hate them ... I hate mosquitoes.
M O S Q U I T O E S ... I hate them