Solved

Denial of Service Attacks

Posted on 2010-09-06
4
2 solutions
566 Views
Last Modified: 2012-05-10
I've just had a request from an old client, (site created 8 yrs ago) that he's having a DOS problem, the site was one of my last asp sites and the info he has sent me is shown below.

Can anyone explain this? Help resolve it or is it a case of a rewrite to ASP.NET in which case I need help with the justification!

The attack scenario is thus:

"Some server sends a request like

index.php?option=com_product&controller=../../../../../../../../../../../../
../../../proc/self/environ%00

This makes your IIS server panic and it uses greater than 100% CPU! The type of request is a DOS (Denial of Service) attack, but it looks like a DOS attack for a Unix based machine, not a Windows machine, but it is crippling your server.

It's something to do with your server not being able to handle a "querystring" (to the right of the "?") with a multiple "up directory" ( the ".." parts) - or maybe just one "up directory".

I've been trying to find something that would redirect the above line to something else (or reject it), but not being successful.

I've heard that this problem can be caused by "bad code" - I've written a dummy index.php on your server, but the crash is caused *before* it even requests the index.php page - so I don't think it's a "bad coding" issue!"

Mark
0
Comment
Question by:markej
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Join The Community
  • 2
4 Comments
 
LVL 9

Accepted Solution

by:
shalabhsharma earned 250 total points
ID: 33612554
0
 
LVL 11

Expert Comment

by:madgino
ID: 33613087
PHP version? IIS version? OS?
 I would suggest an upgrade of php and latest patches for IIS/OS.
0
 
LVL 11

Assisted Solution

by:madgino
madgino earned 250 total points
ID: 33613125
0
 

Author Closing Comment

by:markej
ID: 33757470
I'm not a Sys Admin, I offered my help to an old client and realised I was out of my depth and wanted some specific answers so I could instrhim on what to do!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Download
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Finding Control that causes PostBack Made Simple
Article by: kak_mca
IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
Key concepts of Delegate using C#
Article by: ROMA
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
How to access multiple mailboxes from one account in MS Exchange Server 2010 - video tutorial
Video by: Adam
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
What makes NetCrunch network monitoring system unique?
Video by: AdRem
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Advertise Here

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Advertise Here