|
| Dos Attacks, what to do? |
 |
Sat, 22 Mar 2008 15:57:40 +000 |
Dear guys
I'm developing a web application that needs to upload data to a sql server from
client machins(direct login to server or use web services), and it's a rather
long time that I concerned the matter of DOS attacks, but can't find a total
solution for that.
The best thing I found was tracking IP address of end
users(http://weblogs.asp.net/omarzabir/archive/2007/10/16/prevent-denial-of-serv
ice-dos-attacks-in-your-web-application.aspx), but this can be easily overcome
by spoofed IP addresses. now I think there is not so much that I can do for this
matter, but rely on capabilities of host.
I wanted to ask you guys for a general overview. What shall we ask from hosting
company? Is there even a thing that they can do to ask from them?
How large companies like credit card processing companies overcome this problem?
Can we use the same methods?
Is it better to use services of such companies like hosting by Yahoo?
Are any web hosting companies well known to be reliable against such attacks?
Or any other points that you may find usefull.
Thanks a lot
|
| Post Reply
|
| Re: Dos Attacks, what to do? |
 |
Wed, 26 Mar 2008 00:26:32 +000 |
Most people would do take on a strategy of block everything other than the
whitelisted IPs. I am not sure what your application's intentional use is and
am not sure if this is applicable in your situation.
If your users base are all registered user with a known IP, I would blist
everything and have them insert their IP into the whitelist.
Another strategy you can consider is to have restriction in time between each
call. It is rather complicated, but doable. In your web service, you would
track the user's last connection time and in every connection, you check if they
are connecting too frequently.
|
| Post Reply
|
| Re: Dos Attacks, what to do? |
 |
Wed, 26 Mar 2008 08:51:29 +000 |
My attention to this matter may be too much paranoid!
In fact I'm blcoking time consuming operations for too frequent users. And I'm
also checking IP address of incomming requests and block too frequent IPs. This
may be more than enough for a small business which has registered users.
But my question were about IP snoofing and sending too frequent incorrect login
requests to system. This may not happen to my site, but even if it happens,
there doesn't seem to be a way for defending for me.
Anyhow, if it happens or not, I prefere to rely on hosting companies whom pay
attention to this matter.
Thanks a lot
|
| Post Reply
|
|
|
|
|
|
|
|
|
|