Questions tagged [denial-of-service]

A denial-of-service attack is an attempt, through some means, to make a computer or network resource unavailable.

Some systems are susceptible to a simple "ping of death", where the amount of ping traffic is enough to disrupt their connectivity to the internet.

In more common scenarios, the available upstream bandwidth becomes saturated by repeated requests for a file on the target computer, or by large UDP packets.
When the attack comes from more than one source IP, it is known as a distributed denial-of-service (DDoS) attack.

167 questions
2
votes
5 answers

DDoS attacks

How to prevent DDoS attacks on Windows/IIS servers?
nitins
2
votes
3 answers

Apache mod status is showing ..reading

Recently my Apache got a DoS attack; it happened that an attacker flooded SYN requests to our Apache. I know because at that time I had Wireshark enabled. After the attack finished, I restarted my Apache and it's all back to running normally. But the problem when I…
NoodleX
2
votes
2 answers

How do you stop PINGs from causing a DOS on a Linux server?

Have a CentOS-5.x box that appears to be going down as a result of PINGs. If the server gets PINGs it stops replying to ssh/http connections. Appears iptables is one approach, but I want to make sure I'm doing everything I should do.
blunders
2
votes
1 answer

Identifying cause of too many CLOSE_WAIT in IIS

I have a Windows server running a web API that serves an Android app, and today I started getting alarms saying that my server was timing out. This server is running behind Cloudflare. When I connected to the server via RDC, I noticed that it was…
1
vote
4 answers

Brainstorm: Flood/DoS/DDoS Attack prevention ideas

This is not a question asking how to stop an attack. This is simply a thread for anyone and everyone to discuss ideas for preventing, dealing with, and keeping your server alive during these attacks. Do not discuss using 3rd party software, this is…
Gnarly
1
vote
1 answer

Sign In Logs With No Client App

We've been having some issues with our Office 365 services, specifically Exchange online. Some of our users are getting attacked from various countries in attempts to get into their accounts. We're pretty good from a security perspective (I think..)…
1
vote
1 answer

Mitigating 404 bomb with Nginx

I am hit with 404 queries and this is bringing down my machine. Close to all of my pages are HTTP cached and I have some basic DoS protection with limit_conn_zone $http_x_forwarded_for zone=addr:10m; limit_conn addr 8; limit_req_zone…
Quintin Par
1
vote
1 answer

How can I protect against Slowloris on a NGINX server?

Well, I recently discovered that my site(s) were vulnerable to the Slowloris attack. A few seconds in after testing the attack on my server just to verify it was Slowloris that was causing the issue, it instantly started having connection issues. How…
1
vote
2 answers

Iptables protection against port scanners without DoS vulnerability

Archwiki features an article with suggestions for a stateful iptables firewall. They recommend some rules to trick port scanners, but advise that they open up a vulnerability for DoS attacks. In particular, by denying access to IPs that continuously…
1
vote
2 answers

Can I uncleanly close a TCP connection, to mitigate a denial-of-service attack?

I work on a web service which could be the target of a denial-of-service attack. We have in place some mitigations against "SYN flood" style attacks. But there are other "application-level" attacks against our service, where a malicious/broken…
Jim Fisher
1
vote
3 answers

Ethernet jamming

I just had a weird experience on my home network. Our ethernet went down; pinging an adjacent host was impossible. I checked the switch; all lights were on and flickering, although they were flickering in synch which was a bit worrying. Then I…
Paul Johnson
1
vote
1 answer

How to Reduce Apache-php Vulnerability to DOS Attacks?

Denial of Service Attacks Denial of service attacks are a common threat to consider when hosting a website on the internet. Although most security vulnerabilities can be prevented by avoiding dangerous coding habits/techniques, DOS protection…
1
vote
2 answers

Best way to use large IP blacklist to deny access to a Windows 2008 web server?

Basically, I'm looking for a solution similar to the ones mentioned in a similar (but Linux-focussed thread) located here so that I can deny access to blacklisted IPs. I am specifically focussed on trashy form submissions to a number of publicly…
fordareh
1
vote
1 answer

udp flooding prevention using iptables

I want to prevent UDP flooding, so I think if I drop all UDPs that don't come from the internal network and are not related to a UDP connection, I can prevent UDP flooding. In other words, if only UDPs that come from the internal network and also UDPs that come…
tarane
1
vote
0 answers

Multiple IPs for one server to switch it in case of DoS / DDoS?

I'll run a server to secure a blockchain network (many servers with exposed IPs - no domains!). There will be only SSH, Fail2Ban, UFW, MONIT and the needed blockchain-client running on the server. Nothing more. Now I am thinking about a…
John Doof