ct: Re: DDOS Attack simulator - Some Results
I think for something like LOIC (or any DDOS) you will need to implement some
sort of firewall protection. It is very likely the actual request being sent to
the web server is malformed, which could explain why you are getting 5xx errors
in the
I think for something like LOIC (or any DDOS) you will need to implement some
sort of firewall protection. It is very likely the actual request being sent to
the web server is malformed, which could explain why you are getting 5xx errors
in the weblog.
From what i see online the best way to mi
Got some "movement" on this, though not a complete solution.
Using a DDOS Simulator (LOIC)
Using 4D v15.4 (Windows)
4D Server crashed, actually the entire machine froze completely after 8-10
minutes
While it was running, 4D was running at about 90%+ of memory, until kaboom.
Needed to physically
> I had a problem that needed a resolution (4D Server crashing) and I could
> care less if anyone thinks it inappropriate, it fixed my problem and was not
> meant to be a permanent fix.
> Judge all you want...
Steve,
No judgement here - but this "resolution" was really just a patch you put in
> RE: Didn’t v15R5 also cure the crashing during those scans?"
> Thanks for chiming in.
> I'm not finding any reference to crashing during scans in the v15R5 release
> notes/bug fixes.
> Did I miss something?
Randy, it was a problem that was no longer reproducible in v15R5 hence no bug
fix liste
...@lists.4d.com] On Behalf Of Lee Hinde via
4D_Tech
Sent: Friday, March 24, 2017 5:36 PM
To: 4D iNug Tech <4d_tech@lists.4d.com>
Cc: Lee Hinde
Subject: Re: DDOS Attack simulator
Totally appropriate, IMHO. The problem is the test. When the problem is the
problem, look at that. I’m guessing
Totally appropriate, IMHO. The problem is the test. When the problem is the
problem, look at that. I’m guessing for 98% of websites powered by 4D, a DDOS
is highly unlikely.
> On Mar 24, 2017, at 3:17 PM, Kirk Brooks via 4D_Tech <4d_tech@lists.4d.com>
> wrote:
>
> Hi Steve,
> Isn't that just
Hi Steve,
Isn't that just patching for the test instead of the problem the test is
trying to identify? Or am I missing something - which is entirely possible?
On Fri, Mar 24, 2017 at 9:31 AM, Stephen J. Orth via 4D_Tech <
4d_tech@lists.4d.com> wrote:
> To get around this, we did a rather simple "
Neil,
I can probably operate on the basis that my customer will want to test this
without a firewall...
I just need to be prepared for everything.
;-O
Randy Engle
XC2 Software LLC
> Any and all information regarding the above will be accepted with much
> gratitude!
I thought most firewall
Tim,
Most appreciated!
Randy Engle
XC2 Software LLC
-Original Message-
From: Timothy Penner [mailto:tpen...@4d.com]
Sent: Friday, March 24, 2017 11:03 AM
To: 4D iNug Technical <4d_tech@lists.4d.com>
Cc: Randy Engle <4d.l...@xc2.us>
Subject: RE: DDOS Attack simulator
>
> Anybody know a security scanning service that doesn't break the bank?
Nessus used to have a community edition that was able to get gotten and used
for free in non-commercial environments... it looks like they renamed this
option to "Nessus Home"
https://www.tenable.com/products/nessus/nessus-p
So... back to my original question:
Anybody know a security scanning service that doesn't break the bank?
Or a tried and true simulator that I can use to test.
I've been using "LOIC" (Low Orbit Ion Cannon)
However, my app seems to handle this no problem.
Been running from 2 different systems fo
Hi Randy,
One of the things that the "security scan" is probably finding is that HTTP
TRACE is enabled.
Starting with v16 this has been disabled by default and there is now an option
to enable it.
http://livedoc.4d.com/4Dv16/help/Title/en/page8822.html#3101893
I suggest testing with v16 becaus
Hi Tim,
RE: Didn’t v15R5 also cure the crashing during those scans?"
Thanks for chiming in.
I'm not finding any reference to crashing during scans in the v15R5 release
notes/bug fixes.
Did I miss something?
Randy Engle
XC2 Software LLC
**
iNug Technical' <4d_tech@lists.4d.com>
Cc: Dennis, Neil
Subject: RE: DDOS Attack simulator
> Any and all information regarding the above will be accepted with much
> gratitude!
I thought most firewall routers will stop a DDos attack before it hits your 4D
server. Was this not t
> On Mar 24, 2017, at 11:19 AM, Randy Engle via 4D_Tech <4d_tech@lists.4d.com>
> wrote:
>
> 3.To "remediate" the problem, I've made some changes in the Web Structure
> Settings
>
> a. set maximum concurrent web process to a much smaller number
> than 32000 (128/256/512/1024)
>
> Any and all information regarding the above will be accepted with much
> gratitude!
I thought most firewall routers will stop a DDos attack before it hits your 4D
server. Was this not the case for you or are you testing without a firewall?
Neil
--
Privacy Disclaimer: This message contai
othy Penner [mailto:tpen...@4d.com]
Sent: Friday, March 24, 2017 11:35 AM
To: s.o...@the-aquila-group.com; 4D iNug Technical <4d_tech@lists.4d.com>
Subject: RE: DDOS Attack simulator
Hi Steve,
Didn’t v15R5 also cure the crashing during those scans?
-Tim
Timothy Penner
Technical Services En
Hi Steve,
Didn’t v15R5 also cure the crashing during those scans?
-Tim
**
4D Internet Users Group (4D iNUG)
FAQ: http://lists.4d.com/faqnug.html
Archive: http://lists.4d.com/archives.html
Options: http://lists.4d.com/mailman
Randy,
We have several customers who were using commercial scanning software to test
web servers and one test was basically of DOS. When this test was run, 4D
Server (V13) would crash...not good.
To get around this, we did a rather simple "trick"
Since we know the format of every web requ
20 matches
Mail list logo