Help with Windows Server 2008 R1

Asked By 30 points N/A Posted on -

My server has been getting DDoS'd lately.

Can I know from which IPs it's getting pinged?

Or is there any program that logs all IPs?

Thanks for your help.

Best Answer by Sharath Reddy
Answered By 590495 points N/A #115547

DOS (Denial-of-Service) and DDOS (Distributed-Denial-of-Service) are almost the same: they both deny important services that are running on the server. They broadcast packets to the destination or target server in such a way that the target server would not be able to handle them.

It’s like overloading the system because of the number of packets received. DDOS is the advanced version of DOS. DDOS’s specialty is the same as DOS’s: it relays its attacks coming from a single host or network. DDOS attacks are usually launched from different networks that have already been compromised.

DDOS consists of 3 parts: the Master, the Slave, and the Victim. The Master is the person or the computer that plans or launches these attacks. This is the brain of all the attacks. The Slave is the network that will be used as the launch pad of the attacks. And the Victim is the target server.

DDOS attacks happen because of the lack of security. DDOS is somewhat like a disease which does not have any cure.

To help prevent DDOS attacks, try installing a firewall that has Ingress and Egress Gateway Filtering.

For complete information about DOS and DDOS attacks and prevention, please visit this link.

Answered By 5 points N/A #115548

In Windows, you can use the "netstat" command to get a list of IP connections. Go to "Start", click Run, type "cmd" in the search field and press Enter on your keyboard.

Now in Command Prompt type "netstat -noa" (without the quotation marks) and press Enter.

Explanation of "noa":

n: Indicates active TCP connections; however, addresses and port numbers are expressed numerically and no attempt is made to determine names.

o: Indicates active TCP connections and includes the process ID (PID) for each connection. You can find the application based on the PID on the Processes tab in Windows Task Manager.

a: Indicates all active TCP connections and the TCP and UDP ports on which the computer is listening.

You can try Anti DDoS Guardian – it records each blocked and allowed IP address.

http://www.beethink.com/antiddos.htm
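
As an added example (not part of the original answers), this PowerShell function groups the TCP rows of `netstat -noa` by foreign address, so the remote IPs holding the most connections, and the states those connections are in, stand out. The function name `Get-RemoteIpSummary` is hypothetical and the sample lines are constructed from documentation address ranges.

```powershell
# Constructed sample of `netstat -noa` output (not real traffic).
$sample = @'
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    192.0.2.10:80          198.51.100.7:51322     SYN_RECEIVED    4
  TCP    192.0.2.10:80          198.51.100.7:51323     SYN_RECEIVED    4
  TCP    192.0.2.10:80          198.51.100.7:51324     ESTABLISHED     4
  TCP    192.0.2.10:80          203.0.113.25:40110     ESTABLISHED     4
  TCP    192.0.2.10:3389        203.0.113.25:40111     TIME_WAIT       0
  TCP    [::]:80                [::]:0                 LISTENING       4
  TCP    [2001:db8::10]:80      [2001:db8::beef]:50001 ESTABLISHED     4
  UDP    0.0.0.0:123            *:*                                    1044
'@ -split "`r?`n"

# Hypothetical helper: count TCP connections per remote IP and per state.
function Get-RemoteIpSummary {
    param([string[]]$Lines)

    $rows = foreach ($line in $Lines) {
        # TCP rows have five columns: Proto, Local, Foreign, State, PID.
        # Headers, blank lines and UDP rows (no State column) are skipped.
        $f = $line.Trim() -split '\s+'
        if ($f.Count -ne 5 -or $f[0] -ne 'TCP') { continue }
        # Listening sockets have no remote peer.
        if ($f[3] -eq 'LISTENING') { continue }
        # Drop the trailing :port, then the [ ] that wrap IPv6 addresses.
        $ip = $f[2] -replace ':\d+$', '' -replace '^\[|\]$', ''
        New-Object PSObject -Property @{ RemoteIP = $ip; State = $f[3] }
    }
    if (-not $rows) { return }

    $rows | Group-Object RemoteIP | ForEach-Object {
        $states = ($_.Group | Group-Object State |
            ForEach-Object { "$($_.Name)=$($_.Count)" }) -join ', '
        New-Object PSObject -Property @{
            RemoteIP = $_.Name; Connections = $_.Count; States = $states
        }
    } | Sort-Object Connections -Descending |
        Select-Object RemoteIP, Connections, States
}

Get-RemoteIpSummary -Lines $sample | Format-Table -AutoSize
# Against the live server: Get-RemoteIpSummary -Lines (netstat -noa)
```

Because netstat reports UDP endpoints with `*:*` as the foreign address, only TCP peers appear in the summary.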
