Denial of Service Attacks
I've just had a request from an old client, (site created 8 yrs ago) that he's having a DOS problem, the site was one of my last asp sites and the info he has sent me is shown below.
Can anyone explain this? Help resolve it or is it a case of a rewrite to ASP.NET in which case I need help with the justification!
The attack scenario is thus:
"Some server sends a request like
index.php?option=com_produ
../../../proc/self/environ
This makes your IIS server panic and it uses greater than 100% CPU! The type of request is a DOS (Denial of Service) attack, but it looks like a DOS attack for a Unix based machine, not a Windows machine, but it is crippling your server.
It's something to do with your server not being able to handle a "querystring" (to the right of the "?") with a multiple "up directory" ( the ".." parts) - or maybe just one "up directory".
I've been trying to find something that would redirect the above line to something else (or reject it), but not being successful.
I've heard that this problem can be caused by "bad code" - I've written a dummy index.php on your server, but the crash is caused *before* it even requests the index.php page - so I don't think it's a "bad coding" issue!"
Mark
Can anyone explain this? Help resolve it or is it a case of a rewrite to ASP.NET in which case I need help with the justification!
The attack scenario is thus:
"Some server sends a request like
index.php?option=com_produ
../../../proc/self/environ
This makes your IIS server panic and it uses greater than 100% CPU! The type of request is a DOS (Denial of Service) attack, but it looks like a DOS attack for a Unix based machine, not a Windows machine, but it is crippling your server.
It's something to do with your server not being able to handle a "querystring" (to the right of the "?") with a multiple "up directory" ( the ".." parts) - or maybe just one "up directory".
I've been trying to find something that would redirect the above line to something else (or reject it), but not being successful.
I've heard that this problem can be caused by "bad code" - I've written a dummy index.php on your server, but the crash is caused *before* it even requests the index.php page - so I don't think it's a "bad coding" issue!"
Mark
Who is Participating?
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month5 days, 16 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
http://onlamp.com/pub/a/bsd/2004/06/24/anti_dos.html