Problems about denial-of-service - Collection of common programming errors


  • mjn
    delphi iis denial-of-service webbroker
    What can I do to protect a Web service/WebBroker application against a Denial of Service attack? The attack causes IIS to create a huge number of WebBroker instances at the same moment. The WebBroker does not have enough time to start and respond before a new request comes. That sometimes causes the WebBroker to crash. Is there some sort of limitation of requests per minute or some way to put requests into a queue? Thank you.

  • SyntaxT3rr0r
    java floating-point denial-of-service
    There's an easy way to totally lock a lot of JVMs:

        class runhang {
            public static void main(String[] args) {
                System.out.println("Test:");
                double d = Double.parseDouble("2.2250738585072012e-308");
                System.out.println("Value: " + d);
            }
        }

    or, to hang the compiler:

        class compilehang {
            public static void main(String[] args) {
                double d = 2.2250738585072012e-308;
                System.out.println("Value: " + d);
            }
        }

    as explained here: http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/

    My question is

  • Mala
    linux processes fork denial-of-service
    Is there a way to prevent users from locking up a Linux machine with code something along the lines of:

        #import <stdio.h>
        int main (int argc, char** argv) {
            while (1)
                fork();
        }

    The computers in question are in a computer lab, so I can’t exactly disallow compiling… but is there some way of ensuring such processes only consume a certain portion of the system resources? The importance of this issue is compounded by the fact that any user can ssh into any of the systems, so really the only reaso

  • user16517
    linux http denial-of-service
    I am making an HTTP server in C. It is in a pre-alpha stage but seemed to be stable enough to deploy on my server and run 4 minimal websites. It has been running seamlessly for two days until this morning. The daemon was not running and did not exit cleanly. I looked in the logs and found about 10 lines in a row saying:

        [815259.230706] possible SYN flooding on port 80. Sending cookies.

    Then no more messages logged from the HTTP server, so I am assuming this is where it died. I am not sure what sig

  • user145837
    dns bind denial-of-service pci-dss
    In our last TW PCI scan, one of our flags was “DNS Amplification Denial of Service”. Right now, the DNS server is running Bind 9.8.1-P1. It seems like the CVEs are for a much older version: CVE-2006-0988, CVE-2006-0987. Given as evidence was:

        Finding: A 26 byte ANY query for [my domain] resulted in a much larger answer, at 283 bytes in size.

    So, from the outside world I run a dig:

        taco $ dig -t NS . @[my domain]

    For which I get back:

        ; <<>> DiG 9.8.1-P1 <<>> -t NS . @[my domain

  • Mike L.
    tomcat denial-of-service vulnerability
    For the last two days our Tomcat 5.5 Linux-based webserver has been broken down within minutes by starting thousands of downloads and stopping them. Some request paths in the access log end with a “?jfkdsjkfsdk”-like part. Is there a known vulnerability of Tomcat systems for such attacks?

    Update: We are currently running pure Tomcat, no Apache.

  • Tom O’Connor
    security ddos denial-of-service
    I thought my server was safe with http-guardian but apparently not. Some smart arse keeps hitting my server with ‘Keep-Dead’ and causing it to crash. I’ve looked through the logs but can’t see any way to tell the requests apart from a regular visitor whose browser is quickly loading all the components on a busy page.

    Any advice would be appreciated.

  • Tom O’Connor
    kernel denial-of-service watchguard
    Hi, I have a WatchGuard firewall, and I lost access to the firewall before Xmas, therefore I visited the site, upgraded the firewall to the latest firmware but unfortunately, I am now having similar issues where I will lose access to the firewall; sometimes it will let me in, sometimes nothing. I thought this was an issue with the actual hardware but now in the logs I see a constant stream of:

        2011-12-29 09:47:38 kernel printk: 90 messages suppressed.

    Which makes me think this could be a DOS attack,

  • Tom O’Connor
    apache2 unix denial-of-service attacks
    This is the script, it comes with mod_evasive:

        #!/usr/bin/perl
        # test.pl: small script to test mod_dosevasive's effectiveness
        use IO::Socket;
        use strict;

        for (0..100) {
            my($response);
            my($SOCKET) = new IO::Socket::INET( Proto => "tcp",
                                                PeerAddr => "MY_IP:80");
            if (! defined $SOCKET) { die $!; }
            print $SOCKET "GET /?$_ HTTP/1.0\n\n";
            $response = <$SOCKET>;
            print $response;
            close($SOCKET);
        }

    If I run this script in my PC, replacing “MY_IP” with the IP of my VPS (openVZ, 3 CPU cores 2.53Ghz, 1Gb ram)

  • IneedHelp
    network firewalls attack-prevention ddos denial-of-service
    I am a domestic user and I am getting attacked regularly by a guy that hates me.

    Here is the background story: that guy uses Skype resolvers (tools offered by paid DDoS services) to find out my IP based on my Skype ID. He does that because I have a dynamic IP, so whenever I go online and sign in to Skype, he discovers my new IP using the Skype resolver. Now I know I could avoid this by creating a new Skype ID (which I did) or by using a proxy service for Skype (which is not always convenient), but I

  • asudhak
    web-application attacks ddos denial-of-service
    Can someone explain to me the concept of DoS attacks for web applications? Also, what is the distinction between DoS and Distributed DoS (i.e. DDoS) attacks? Wikipedia says:

        In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users

    which means they are two different names for the same attack. But then again I found out this article from Computer Crime Research

  • messi fan
    denial-of-service tcp
    A normal TCP packet is shown in the figure. How is a TCP packet that causes a DoS attack different from a normal TCP packet?

  • Xeon
    attacks denial-of-service
    I don’t know whether it’s appropriate to post this question here but I desperately need help. I’ve been receiving ping requests from 18 different IP addresses so far. Some of them are local, some are from the US and Russia. In half an hour, my router dropped 220 ping requests. And last night, my router logged that there were SYN Flooding attacks, TELNET requests, and a SYN-FIN attack. It got me disconnected from the net quite a lot of times. So, are the ping requests a DoS attack or it’s really THAT NORMAL

  • k to the z
    sql-injection denial-of-service
    Overview

    Anonymous claimed responsibility today for the Denial of Service attack against WikiLeaks. They are using a new software called RefRef. It seems to exploit MySQL using the server’s processing power against itself. This of course requires no botnet.

    Question

    I can’t find much information about this new software. I would like to know what I need to patch in order to protect against this exploit. Thanks in advance guys.

    UPDATE

    If it wasn’t obvious, I’m talking about a patch for MySQL.

  • Rory Alsop
    attacks known-vulnerabilities ddos denial-of-service
    In order to study vulnerabilities of a SIP server and the impacts of DOS attacks on the QoS of VoIP service, I have found this vulnerability which can be exploited to cause DoS on SIP server. But I need clarification in a few areas:

      1. How it can be possible for an attacker to cause an overflow?
      2. What is the relationship between an overflow and denial of service attacks that can occur at the OpenSER?

    I did not understand the description and the action performed by the attacker.

  • AviD
    network denial-of-service ipv6
    In the DefCon video “Three Generations of DoS Attacks (with Audience Participation, as Victims)”, the speaker demonstrates how it is possible to crash a variety of devices by flooding them with IPv6 ‘Join Network’ commands. 2 questions:

      1. Can somebody explain what is going on here to me in more detail?
      2. How do I prevent this from happening to my own computer?

  • November
    network denial-of-service ports flooding
    If I see port 25 is open, but I don’t have access to the program running the SMTP server, could it be flooded with enough information to make it unusable (but not affect any other services)?

  • Rory Alsop
    ddos denial-of-service
    I know that server overloads are caused due to excessive number of genuine requests and DoS due to malicious request. But, my question is, if you have designed a system for Overload mitigation, does it necessarily protect system from DoS? If not why?

  • Mike
    denial-of-service
    I’m doing some revision for an exam and I’ve made a note to look at how DoS attacks can be used to gain access to a system. I can’t find anything online but I found a reference to the fact here. I hope one of you can enlighten me.

  • Luc
    network attack-prevention ddos denial-of-service server
    In my software security class, we had this question:

        You are the system administrator for a provider that owns a large network (e.g., at least 64,000 IP addresses). Show how you can use SYN cookies to perform a DOS attack on a web server.

    I searched everywhere, I found that SYN cookies are used to prevent DOS attacks. But this question said to perform an attack (I verified with the professor, it’s not a typo). Can someone give me some pointers so I can head in the right directions?