stackoom
  简体   繁体   中英

Is IIS dynamic IP restriction adequate to prevent denial of service attack?

 原文  2014-03-17 21:11:14       asp.net-mvc/ iis/ ddos

Question

I've implemented IIS dynamic IP restriction, I am concerned that it may not be enough. For example, if someone was to send many requests from a huge list of various proxy Ips they could in theory get through the the safety mechanism?

Is there anything else I should consider doing in IIS or .Net Mvc?

1 answers

solution1
 1  2016-07-05 02:46:28

For any still wondering, here is a MS Blog covering quite a bit - it is focused on Azure but many of the points are still applicable to IIS in a non-cloud environment. security-guidelines-to-detect-and-prevent-dos-attacks-targeting-iisazure-web-role-paas

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question What's the optimal “Dynamic IP Restriction Settings” in IIS8 C# MVC: What is a good way to prevent Denial Of Service (DOS) attacks on ASP.NET sites? Fortify Denial of Service: Regular Expression in C# Accesing wcf service hosted in iis works in localhost but not if accessed by ip:port/service.svc How to prevent an Injection attack with wysihtml5 editor How to prevent Dos Attack in Async Sessionless Controller Json.Net Wrapper to prevent Xss attack IIS/ASP.NET MVC: Dynamic IP Address Restrictions on specific folder How to prevent cross site forgery attack (replay attack) in .NET 4.0 MVC web application by using Antiforgery Technique Could HttpUtility.UrlEncode() prevent Open Redirect attack?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM