Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

IIS slow attach limits

Posted on 2014-03-03
3
Medium Priority
?
276 Views
Last Modified: 2014-03-07
I have read this:  http://www.iis.net/configreference/system.applicationhost/sites/sitedefaults/limits

What are the limits that are recommended to avoid slow attacks for:

1) connectionTimeout
2) maxBandwidth
3) maxConnections
0
Comment
Question by:Aleks
3 Comments
 
LVL 15

Accepted Solution

by:
pateljitu earned 2000 total points
ID: 39901839
You can be a better judge for these default values, reason I am saying this is you would need to monitor your network and calculate average bandwidth, no of connection utilized based on flow of traffic.

For e.g.
10000 request / second [maxConnections] + 100 KB transfer / request = 0.95 GB / sec [maxBandwidth]
(Now this is just an example, if you have average website with static page your bandwidth / page will be 2 - 20KB / request or even smaller than that)

Again these are suggestive values which you will have to make sure on your side based on your website traffic flow.


On DoS topic you can also setup "Dynamic IP Restrictions Extension" which can also help to block Denial of Service Attacks.

http://www.iis.net/downloads/microsoft/dynamic-ip-restrictions
0
 

Author Comment

by:Aleks
ID: 39903486
Thank you .
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question