Security Incidents mailing list archives
RE: DOS ATTACK
From: "Jonathan A. Zdziarski" <jonathan () networkdweebs com>
Date: Mon, 28 Oct 2002 22:10:59 -0500
If he's got it up on his website in a ton of 1-pixel frames, chances are all his [the attacker] web visitors are loading several copies of the victim's page. The only real way to filter that would be by filtering based on HTTP_REFERRER. Unless I'm mistaken I don't believe Apache yet has a mechanism to enforce mandatory delays between the same page being loaded from the same IP. -----Original Message----- From: james [mailto:jamesh () cybermesa com] Sent: Monday, October 28, 2002 6:31 PM To: Hunt, Jim Cc: incidents () securityfocus com Subject: Re: DOS ATTACK Sounds like this attack is coming from a specific IP. Blocking that IP on a router would be one obvious answer. james ----- Original Message ----- From: "Hunt, Jim" <Jim.Hunt () nwsc k12 in us> To: <Incidents () securityfocus com> Sent: Sunday, October 27, 2002 9:59 PM Subject: DOS ATTACK
I have a friend that has a DOS Attack going on against their website.
It
is being done by someone with a very popular website trying to squash a little guy. He is doing it be placing 1 pixel by 1 pixel inline frames in his webpages and having them load my friends webpage. It is killing his server and bandwidth.
What can we do to block? The Server is W2K with IIS. Thanks!
------------------------------------------------------------------------ ---- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- DOS ATTACK Hunt, Jim (Oct 28)
- Re: DOS ATTACK james (Oct 28)
- Re: DOS ATTACK Alex Lambert (Oct 28)
- RE: DOS ATTACK Jonathan A. Zdziarski (Oct 28)
- Re: DOS ATTACK Hugo van der Kooij (Oct 28)
- Re: DOS ATTACK Blake Girardot (Oct 28)
- RE: DOS ATTACK Jonathan A. Zdziarski (Oct 29)
- Re: DOS ATTACK Micheal Patterson (Oct 29)
- Re: DOS ATTACK Gary Flynn (Oct 30)
- Re: DOS ATTACK Kurt Seifried (Oct 31)
- Re: DOS ATTACK Jay D. Dyson (Oct 31)
- Re: DOS ATTACK Gary Flynn (Oct 31)
- Re: DOS ATTACK Gary Flynn (Oct 30)
- Re: DOS ATTACK Richard Archer (Oct 29)
- <Possible follow-ups>
- RE: DOS ATTACK David Vincent (Oct 28)
(Thread continues...)
- Re: DOS ATTACK james (Oct 28)