Comments on: What needs to be put in place to protect web servers from DOS attacks? http://www.wrgross.com/blogs/security/2008/10/27/what-needs-to-be-put-in-place-to-protect-web-servers-from-dos-attacks/ All manner of goodness respecting the secure operation of digital systems. Tue, 07 Feb 2012 18:49:06 +0000 http://wordpress.org/?v=2.6.1 By: Orlando Stevenson http://www.wrgross.com/blogs/security/2008/10/27/what-needs-to-be-put-in-place-to-protect-web-servers-from-dos-attacks/#comment-275 Orlando Stevenson Sat, 26 Dec 2009 08:00:59 +0000 http://www.wrgross.com/blogs/security/?p=164#comment-275 It's worth noting that one particularly nasty DOS attack is <a href="http://en.wikipedia.org/wiki/Sockstress" rel="nofollow">SockStress</a>. It doesnt require much in the way of resources, just a stateful TCP connection to the target. Migitations center on just not letting communication take place - i.e. filtering or blocking the attacking system. More: <a href="https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html" rel="nofollow">CERT-FI Advisory on the Outpost24 TCP Issues</a> provide a number of vendor responses to this issue. It’s worth noting that one particularly nasty DOS attack is SockStress. It doesnt require much in the way of resources, just a stateful TCP connection to the target. Migitations center on just not letting communication take place - i.e. filtering or blocking the attacking system.

More: CERT-FI Advisory on the Outpost24 TCP Issues provide a number of vendor responses to this issue.

]]>