curiouswebster
asked on
Protecting a web service from a DOS attack?
What options are there to protect a web service from a DOS attack?
IF the web service were accessed only by my Objective-C iPhone application, and nowhere else, is this web service protected by the "security through obscurity" model? Or, can hackers crack open the source code of the iPhone app, like Apple can?
What about if I put the URL to the web service into the SQLite database and encrypted the Path?
So, when my app needs to request information from the web service, it does a DB lookup in the SQLite database for the path to the web service. When it gets it, it decrypts it. Then, using a variable (in memory) only, it makes the web service call.
Does this protect from a DOS attack to that web service call?
Are there easier ways?
Will this work on Java for the Android?
What about on my website?
Thanks.
IF the web service were accessed only by my Objective-C iPhone application, and nowhere else, is this web service protected by the "security through obscurity" model? Or, can hackers crack open the source code of the iPhone app, like Apple can?
What about if I put the URL to the web service into the SQLite database and encrypted the Path?
So, when my app needs to request information from the web service, it does a DB lookup in the SQLite database for the path to the web service. When it gets it, it decrypts it. Then, using a variable (in memory) only, it makes the web service call.
Does this protect from a DOS attack to that web service call?
Are there easier ways?
Will this work on Java for the Android?
What about on my website?
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
But, if this is a web service being protected, is there a way to do Captcha? How does that work?
> You get cdn as a byproduct of their caching.
what is cdn?
> You get cdn as a byproduct of their caching.
what is cdn?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So, using CloudFlare or a similar technology solves all problems with DDoS attacks?
ASKER
I have the next question here...
https://www.experts-exchange.com/questions/29054441/Aside-from-DDoS-attacks-what-kinds-of-evil-awaits-a-web-service.html
https://www.experts-exchange.com/questions/29054441/Aside-from-DDoS-attacks-what-kinds-of-evil-awaits-a-web-service.html
ASKER
What is the short explanation for how they do this?