Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [denial-of-service]

Denial of service attack, is an attempt through some means to make a computer or network resource unavailable.

Some systems are susceptible to a simple "ping of death", where the amount of ping traffic is enough to disrupt their connectivity to the internet.

In more common scenarios, the amount of available upstream bandwidth becomes saturated by repeated requests for a file on the target computer, or by large UDP packets.
When the attack comes from more than one source IP, it is known as a distributed denial of service attack or DDOS

167 questions
1
vote
2 answers

Quantifying site response in case of DOS/DDOS attack tests

Let us say that we need to test a HTTPS web site for vulnerability/response in case of DOS/DDOS attacks. Among other tools, we can use GoldenEye for this purpose. We can vary the number of workers and agents, thus varying the scale of attack. How…
Masroor
  • 183
  • 1
  • 9
1
vote
2 answers

Is it normal for a VPS provider to claim DoS attacks often?

I have been using a well-known VPS service for over an year. Everything is good except one thing that once in a while, there will be some DoS attack. And when it happens, my server becomes unaccessible. While I was using the WordPress in my website…
Joe Huang
  • 225
  • 3
  • 8
1
vote
2 answers

Finding Evidence of a Denial of Service Attack (Linux)

We had a Gentoo Linux server (that was updated weekly or bi weekly) that higher ups claimed did a denial of service attack on the whole local network and brought it down. Are there any log files we can look at to see evidence of this? We don't have…
bobber205
1
vote
1 answer

Repetitive / incessant hits to pages, blank referrer, non-malicious

I asked this question last week, and followed the debugging advice and now have additional information. I have an odd problem-- on a high traffic website (millions of visitors a month), every day we get about 20 or so situations where one host…
arron
1
vote
2 answers

How do I stop a simple DDOS attack?

There is a hacker who is mad at us, and has started a DDOS attack against us. I think he is a script-kiddie, using tools like DarkComet; the attack is probably simple. I host a server on my PC. The server is on my public IP. I am using a router. The…
Martynas Skirmantas
1
vote
1 answer

Frequent SIGTERM Apache

I suspect sometings is going wrong in my webserver (maybe possible DoS attack). In fact I see a lot of such entries: [Sun Jul 19 10:36:21 2015] [error] [client 141.212.122.18] client sent HTTP/1.1 request without hostname (see RFC2616 section…
gdm
  • 459
  • 2
  • 5
  • 19
1
vote
1 answer

Google App Engine's blacklist not listing top IP addresses

I'm dealing with DOS attacks at the moment and could use a hand. In the past, App Engine would show the top IP Addresses hitting an instance on https://appengine.google.com/blacklist, but it's not showing them anymore. There doesn't seem to be a way…
bsautner
  • 121
  • 5
1
vote
3 answers

What is the best way to prevent somone abusing access to your site using scripts?

What is the best way to prevent someone abusing access to your site using scripts?
Yogi
1
vote
1 answer

Benefits of separate firewall product over AWS Security Groups for spam requests

I have a question that is an extension of this one: Examples where an AWS Security Group is not sufficient as a firewall?. Initially, the answer in that question made sense to me and I was working with the assumption that the firewall that is an AWS…
readyornot
  • 163
  • 2
  • 8
1
vote
1 answer

Drupal application load troubleshooting

I'm receiving some sporadic high server load on a Drupal application (really high. 8 cores, load average of 50). The load is normally sitting between 5-10. The Drupal application sits behind a separate Varnish server, which keeps things looking…
rca86
  • 11
  • 2
1
vote
1 answer

Kali SYN Flood (Metasploit), not denying service

I have a server with apache2 installed. I tried to do a dos attack on the server by using kali linux syn flood attack, but i am still able to access the website on the server. msf auxiliary(synflood) > set Global No entries in data store. Module:…
Abdul
  • 11
  • 1
  • 2
1
vote
2 answers

trustwave pci scan: dns amplification denial of service, Bind 9.8.1-P1, doesn't seem like it

In our last TW PCI scan, one of our flags was "DNS Amplification Denial of Service". Right now, the DNS server is running Bind 9.8.1-P1. It seems like the CVEs are for a much older version: CVE-2006-0988, CVE-2006-0987. Given as evidence…
user145837
  • 371
  • 5
  • 18
1
vote
1 answer

How To Protect Tomcat 7 Against Slowloris Attack

I'm using Apache Tomcat 7 to run my webapp on Linux. I scanned it by Acunetix and it's telling me that my webapp is vulnerable to "Slow HTTP Denial of Service Attack". How can I protect it? Acunetix is reffering me to here, but it's about securing…
Amin Sh
  • 131
  • 1
  • 6
1
vote
3 answers

How to protect server from simple DoS attack

Please note I am NOT asking how to protect server from DDoS. What I mean is that if someone runs siege -c 1000 www.example.com on his VPS. That will result in my server serving thousands of requests and slowing down. If I run siege targeted to say,…
Tomáš Fejfar
  • 147
  • 1
  • 9
1
vote
2 answers

HTTP server, SYN flooding, and DoS attack questions

I am making an http server in c. It is in a pre-alpha stage but seemed to be stable enough to deploy on my server and run 4 minimal websites. It has been running seamlessly for two days until this morning. The daemon was not running and did not exit…
user16517
  • 233
  • 1
  • 4
  • 9
1 2 3
11 12