DDoS check ?
Posted: Fri Jul 31, 2009 3:49 pm
What's the best way to check if someone is DDoS'ing your server on Windows Server 2003 ?
ok. since there was this guy who was somehow lagging the server. I thought it was DDoS first, but apparently he used PHX in some way.ThePhoenixBird wrote:Check IIS/Apache logs and see connections if you see several connections from the same IP that would be a attacker machine.
Normally DDoS uses thousands of computers making attacks
There's a number of ways to do it with phx. Item drop, item delete, and I'm sure a few ways I don't know yet.momo61 wrote:ok. since there was this guy who was somehow lagging the server. I thought it was DDoS first, but apparently he used PHX in some way.ThePhoenixBird wrote:Check IIS/Apache logs and see connections if you see several connections from the same IP that would be a attacker machine.
Normally DDoS uses thousands of computers making attacks
Subclass changing (good thing i activated subclass flood protector)toastgodsupreme wrote:There's a number of ways to do it with phx. Item drop, item delete, and I'm sure a few ways I don't know yet.momo61 wrote:ok. since there was this guy who was somehow lagging the server. I thought it was DDoS first, but apparently he used PHX in some way.ThePhoenixBird wrote:Check IIS/Apache logs and see connections if you see several connections from the same IP that would be a attacker machine.
Normally DDoS uses thousands of computers making attacks