Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [denial-of-service]

Denial of service attack, is an attempt through some means to make a computer or network resource unavailable.

Some systems are susceptible to a simple "ping of death", where the amount of ping traffic is enough to disrupt their connectivity to the internet.

In more common scenarios, the amount of available upstream bandwidth becomes saturated by repeated requests for a file on the target computer, or by large UDP packets.
When the attack comes from more than one source IP, it is known as a distributed denial of service attack or DDOS

167 questions
2
votes
1 answer

Nginx too many open files DDOS

Im having an issue with ddos at the moment. My web server is behind a reverse-proxy (cloudflare), which I know shouldn't be relied on with their free plan. Cloudflare is in under-attack-mode, which causes visitors to complete a browser check.…
user3161223
  • 21
  • 1
  • 3
2
votes
1 answer

Is it possible to bring down a network with DHCP discover?

When a DHCP server receives a DHCP discover message it broadcasts the offer across the entire network. If a malicious machine joined a network and somehow began spamming DHCP discover messages, would the resulting high number of broadcasts from the…
Oscar Robinson
  • 135
  • 5
2
votes
6 answers

Securing against DDoS

My client would like to have his eCommerce (custom-made) site secured from DDoS attacks. What strategies can I implement? There are multiple forms in the purchasing flow --- searching, drilling-down to the product, user information and payment and I…
gAMBOOKa
  • 999
  • 6
  • 19
  • 34
2
votes
0 answers

Preventing NFS Denial of Service

I have a NFS4 server running Ubuntu 10.04 Server, on an enterprise environment with 50+ clients. Overall, everything works fine, but from time to time, some client starts making +1000 NFS operations per second, usually because of a client software…
Jorge Suárez de Lis
  • 391
  • 8
  • 22
2
votes
3 answers

Identifying DDOS Attacks on Windows 2008 Servers

I recently was notified by my monitoring service that a few Windows 2008 servers (hyper-v instances) were down. I logged into the Hyper-V box and noticed everything was super slow. I opened task manager and saw that while CPU and RAM were fine,…
Adam Brand
  • 6,127
  • 2
  • 30
  • 40
2
votes
2 answers

Kernel Printk: xx message suppressed

Hi I have a watchguard firewall, and I lost access to the firewall before xmas, therefore I visited the site, upgraded the firewall to the latest firmware but unfortunatly, I am now having similar issues where I will lose access to the firewall,…
Kevin
  • 87
  • 1
  • 7
2
votes
2 answers

Resolving a prolonged DDoS

I've been totally unable to use my server for the last couple of days. I've been contacting the owners of the IP's who are attacking me but its an uphill battle. Since I don't know who is doing the attack, what can I do to stop the attack? I've…
devnill
  • 307
  • 1
  • 2
  • 19
2
votes
1 answer

DoS - Apache threads hanging when not receiving TCP ACKs after sending HTTP response

In summary, I had a case where all Apache threads were hung because all of them were waiting for a TCP ACK from clients after having sent the HTTP page, and because of that, the Apache threads were waiting 300s (Timeout value of conf) before going…
nand
  • 21
  • 3
2
votes
1 answer

nginx: Prevent DoS by limiting worker processes/connections

If I limit my nginx worker processes to 1 and allow for 500 connections, what happens if I exceed this limit? Does the server return a 503 Service Unavailable? Basically, I'm trying to secure my system against DoS and do not expect more than 500…
Frank Vilea
  • 561
  • 2
  • 8
  • 16
2
votes
2 answers

How do I locate a process on Debian Linux that is creating a large amount of network traffic?

Possible Duplicate: My server's been hacked EMERGENCY We have a remote Linux (Debian) server, which is, apparently, being used as a platform to commit a DoS attack. We have been warned by the company hosting our server that we have a large amount…
bobble14988
  • 235
  • 2
  • 8
2
votes
1 answer

Where can I find DoS attack simulator

I am taking a Security module and my project team intend to study DoS attacks by simulating them to better understand the mechanism, the damage and preventing mechanism, etc... Could someone please give me an advice on where I can find a good DoS…
Mr.J4mes
  • 121
  • 3
2
votes
1 answer

Protecting against UDP flood

One of my servers is being flooded with udp packets on random ports. 12:11:54.190442 IP 182.48.38.227.60173 > localhost.51523: UDP, length 1 12:11:54.190447 IP 182.48.38.227.60173 > localhost.23769: UDP, length 1 12:11:54.190560 IP…
Balon
  • 145
  • 1
  • 8
2
votes
2 answers

DDoS Attacks on Game Servers

We run a fairly large game server hosting company with about 60 machines running Server 2008, and DDoS attacks something we have been dealing with for a long time. Unfortunately, due to the prices of the market, there is no way that us or any other…
Aidan Knight
  • 650
  • 3
  • 11
  • 19
2
votes
2 answers

What does the arxiv.org anti-bot "search and destroy" actually do?

The lanl.arxiv.org math and scientific preprint service (formerly known as xxx.lanl.gov) has a strict policy against bots that ignore its robots.txt, Robots Beware. On that page, the have a link labelled with "Click here to initiate automated…
Brian Campbell
  • 377
  • 3
  • 8
2
votes
4 answers

AD Domain Controllers being Slammed

My Windows Server 2008 Domain Controllers are getting hundreds of log in attempts per minute. For the most part the IP addresses are not in the Event Log however the ones that do occasionally show up tend to be from an Anonymous surfing site.…
user9120
1 2 3
11 12