denial-of-service

I can't access Plesk Amdin because of DOS attack; can I block a hostname or IP address through SSH? If so, how would I be able to do this? Thank you! If you have iptables you can block it using simple rule: iptables -I INPUT --source 1.2.3.4 -j DROP This rule drops packets coming from IP 1.2.3.4. Probably the easiest is to SSH to your box use vim to and add the following to the top of your .htaccess file in the root of your domain ( /var/www/vhosts/yourdomain.com/httpdocs/.htaccess ): deny from 12.345.67.89 Obviously replace the IP address with the one you want to block. Repeat this for any

I'm looking for a servlet filter library that helps me secure our web service against unauthorized usage and DDoS. We have "authorized clients" for our web service, so ideally the filter would help detect clients that aren't authorized or behave improperly, or detect multiple people using the same account. Also we need a way to prevent DoS'ing of our various services since we have an open-account policy -- limiting the number of simultaneous connections for a user, etc. We've looked at the Tomcat LockOutFilter and such but those are fairly primitive and only prevent against one sort of attack.

I have configured my server with various anti-DOS modules (mod_qos, mod_evasive etc). What I want to do now is run a simple PHP scrip that calls URLs on my site multiple times, in order to reach the various limits on the site. Ideally a script that can somehow open various URLs concurrently would be ideal. Is this possible? And if not, what is the easiest way to simulate multiple requests from one IP? I would prefer a tool that works in Windows 7? Update: Remember, i want to be able to see if my server is actually blocking some of the requests. I've only played with AB for a little bit, but so

I'm writing a small web application as I'm learning to use the features of Parse.com. Since application_id and javascript_key are both public (as explained in the doc), it means anyone is free to run code like illustrated in the following snippet: function sendRequest(){ var query = new Parse.Query(Parse.User); query.find({ success: function(results) { console.log("Request sucessful"); }, error: function(error) { console.log("Request error: " + error.code + " " + error.message); } }); } setInterval(sendRequest, (1000 / hitsPerSecond)); I think it can lead to "DOS" attacks pretty easily -

There's an easy way to totally lock a lot of JVM: class runhang { public static void main(String[] args) { System.out.println("Test:"); double d = Double.parseDouble("2.2250738585072012e-308"); System.out.println("Value: " + d); } } or, to hang the compiler: class compilehang { public static void main(String[] args) { double d = 2.2250738585072012e-308; System.out.println("Value: " + d); } } as explained here: http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/ My question is very simple: which kind of well-conceived web application do you know that can

I am looking for best practices for detecting and preventing DOS in the service implementation (not external network monitoring). The service handles queries for user, group and attribute information. What is your favorite source of information on dealing with DOS? This is a technique I found very useful.. Prevent Denial of Service (DOS) attacks in your web application Whatever you do against DoS-Attacks, think if what you do may actually increase the the load required to handle malicious or unwanted requests! If you are using Linux then you should read this article: Rule-based DoS attacks