5

What can I do to protect Web service/ WebBroker application against Denial of Service attack? the attack causes IIS to create huge amount of webbroker instances at the same moment of time. the webbroker does not have enough time to start and response before a new request comes. that sometimes causes the webbroker to crash. Is there some sort of limitation of request per minute or some way to put requests into the queue?

thank you.

mjn
  • 36,362
  • 28
  • 176
  • 378
Illya Pavlov
  • 253
  • 2
  • 9
  • not sure exactly how to do this in IIS, however, what you may want to research is: how to check how many connection does IP X had in the past 10 seconds, if that number is >= 10 then any other connection will be forced to disconnect, also, you may want to limit the amount of RAM you allocate per IP, as an alternative to IIS, I would strongly recommend Apache as it is more flexible and open to your desires... –  Mar 03 '12 at 19:59
  • CloudFlare has a service that automatically try to protect your site against DSA. You my try it. Implementing one on your own could be difficult. – Christopher Ramírez Mar 04 '12 at 14:15
  • https://msdn.microsoft.com/en-us/library/cc750213.aspx#XSLTsection126121120120 .. better asked in serverfault I guess. – Sertac Akyuz Apr 25 '15 at 15:48

2 Answers2

0

I wrote this answer for Parse.com service but most of it, including Security by Obscurity, applies to other services.

Community
  • 1
  • 1
Dmitri Zaitsev
  • 13,548
  • 11
  • 76
  • 110
0

For some ideas the Wikipedia Article about Denial of Service could be helpful, especially the section about firewalls and switches:

Most switches have some rate-limiting and ACL capability. Some switches provide automatic and/or system-wide rate limiting, traffic shaping, delayed binding (TCP splicing), deep packet inspection and Bogon filtering (bogus IP filtering) to detect and remediate denial of service attacks through automatic rate filtering (...)

mjn
  • 36,362
  • 28
  • 176
  • 378