DDOS Attack in ASP.NET with State Server Session -


cant find issue anywhere...

using asp.net 3.5, have 3 web servers, in web farm, using asp.net state server (on different server).

all pages uses session (they read , update session)

issue: pages prone ddos attack, easy attack, go page, , hold down 'f5' key 30-60 seconds, , request pile in web servers.

i read, if make multiple call session each lock session, hence other request has wait same user's session, waiting, causes ddos.

our solution has been pretty primitive, preventing (master page, custom control) call session , allow page call, adding javascript disable's f5 key.

i realize asp.net session prone such ddos attacks!!

anyone faced similar issue? global/elegant solution? please share thanks

check this:

dynamic ip restrictions: dynamic ip restrictions extension iis provides professionals , hosters configurable module helps mitigate or block denial of service attacks or cracking of passwords through brute-force temporarily blocking internet protocol (ip) addresses of http clients follow pattern conducive 1 of such attacks. module can configured such analysis , blocking done @ web server or web site level.

also, check this:

dos attack: sites/datacenters control (d)dos attacks via hardware not software. firewalls, routers, load balancers, etc. not effeicent or deesirable have @ application level of iis. don't want bloat slowing down iis.

also ddos preventation complex setup deadicated hardware boxes deal with different rules , analysis them take lot of processing power.

look @ web enviornment infrastucuture , see setup , see hardware provides protection , if problem @ dedicated hardware solutions. should block ddos attacks possible in chain, not @ end @ webserver level.


Comments

Post a Comment

Popular posts from this blog

monitor web browser programmatically in Android? -

i've got tricky question here. need users make payment bank (namely barclaycard) in uk. so, have https url , add parameters (such amount pay, order reference, etc) url, start http connection intent.actionview, redirect user browser can enter credit card details on bank's webpage , make payment our account successfully. far ? the code use below (i changed values privacy reasons) problem is, need app when user has completed/failed/cancelled payment. barclaycardautomatically redirects particular url when payment has succeeded, 1 if failed. there no way of knowing when barclaycard payment has succeeded go android app somehow ? button cardbutton = (button) findviewbyid(r.id.card_button); cardbutton.setonclicklistener(new view.onclicklistener() { @override public void onclick(view arg0) { string prehashstring = new string(); string prohashstring = new string(); string shapassphrase = new string(); shapassphrase = "gsvth£h70zkh...
Read more

Shrink a YouTube video to responsive width -

i have youtube video embedded on our website , when shrink screen tablet or phone sizes stops shrinking @ around 560px in width. standard youtube videos or there can add code make go smaller? you can make youtube videos responsive css. wrap iframe in div class of "videowrapper" , apply following styles: .videowrapper { float: none; clear: both; width: 100%; position: relative; padding-bottom: 56.25%; padding-top: 25px; height: 0; } .videowrapper iframe { position: absolute; top: 0; left: 0; width: 100%; height: 100%; } the .videowrapper div should inside responsive element. padding on .videowrapper necessary keep video collapsing. may have tweak numbers depending upon layout.
Read more

wpf - PdfWriter.GetInstance throws System.NullReferenceException -

i'm trying create pdf document using itextsharp 5.3.4 using following document document = new document(); filestream stm = new filestream(filename, filemode.create); pdfwriter writer = pdfwriter.getinstance(document, stm); i'm getting system.nullreferenceexception following stack trace: system.nullreferenceexception occurred hresult=-2147467261 message=la référence d'objet n'est pas définie à une instance d'un objet. source=itextsharp stacktrace: à itextsharp.text.version.getinstance() innerexception: i've verified neither document nor stm null, , if select "continue" in vs12 document created - exception thrown. updated itextsharp 5.4.0 , it's still occurring. can't find information on anywhere - got ideas? make sure not catching exceptions. nullreferenceexception can 1 caught , handled inside itextsharp, don't care it. fact can continue supports theory. change following setting verify: debug -> exceptions ...
Read more