I don't is possible because in case of a DoS they first target your web
server by making it busy.
That can be tomcat but can well be apache.
Secondly "they" can attack you from many ip addresses and that would be
pretty harsh, if for example you'd get 1 zillion requests for a larger
file/page and your tomcat will become very busy trying to serve that
page/file.Additional users will experience slow access or even no access at
all.
What you can do, is more like a prevention - just an idea, never implemented
yet - keep tap of access and if you think that one particular ip address or
one resource is hit extremely often then treat that request differenly, a
short(text), polite message will do - you'd serve it differently.
This will not be bullet proof thought, any additional number of requests can
bring you bag at start point...
Maybe load balancing can help, that has nothing to do though with your
application. It's a appserver and hardware configuration.
Hope this will help,
MC
http://www.goodstockimages.com
From: Larry Meadors <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: Tomcat Users List <tomcat-user@jakarta.apache.org>
Subject: Re: can I prevent DoS (Denial of Service) Attacks in JSP?
Date: Tue, 2 Aug 2005 08:30:32 -0600
Hmm, that is like asking how to avoid automobile accidents.
Larry
On 8/2/05, Ben Bookey <[EMAIL PROTECTED]> wrote:
>
> Dear List,
>
> I have been asked if its possible to prevent DoS attacks inside Java
> (JSP/Servlet).
>
> I guess it is ... is this something however that TC would be configured
to
> deal with, or
> must I do something myself. Whats normal ?
>
> Many thanks in advance!
> Best wishes
> Ben Bookey
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]