DDOS attack !

Geeeesh ... my server, running MS IIS, just got DDOS attacked and died. Dunno who launch it yet.

And trying to fix the mess, and in the meantime, these are the stuffs I found online --

Utility like Hardenit

formatting link
and registry hack at
formatting link

Have some questions ---

A. Are the utility/registry hack the above links provided effective against DDOS ?

B. What other things that I can use to beef up my server? Any suggestion?

Thanks a million !!!

Reply to
Penang
Loading thread data ...

ur-computer-...

It all depends on the exploit that the DDoS takes advantage of.

Using a traffic jam as analogy: road = network pipe (more lanes == more bandwidth) cars = request/response point A and B along the road represent the web client and web server being accessed via the network connection

DDoS can:

  1. Send so many cars along the road between points A and B that your car cannot traverse between them. In this case, you have to use Networking Equipment to filter out the bad traffic, clear out the cars on the road so that you can get between points A and B
  2. Send cars which slow down around points A and B, thus blocking you from reaching them. This may be exploiting bugs in the OS, which is considered a DDoS vulnerability and needs to be patched. There *may* be registry changes that can mitigate the vulnerability. It all depends on the bug

Thus, there aren't any utilities or registry hacks that make your computer effectively deal with DDoS. There are no tools or instructions which you can run to make yourself immune from DDoS. #1 is always possible and unavoidable with the Internet. #2 requires constant vigilance to update server software as vulnerabilities are found.

//David

formatting link
formatting link
//

Reply to
David Wang

Not entirely true. While it's correct that bandwidth exhaustion can only be handled upstream, there are of course other types of DDoS (e.g. SYN flooding) that can very well be handled at your end. And although patching known bugs is the best way to deal with DoS conditions in services, there are other ways to mitigate this kind of threat, namely application level gateways (like mod_security for the Apache web server).

Braindead X-post removed, f'up2csf.

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

I DDoS-ed my bank account... i took out money again and again and now i cant do it anymore.Ah,the humanity!

Reply to
MindFever

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.