I need to see all the HTTP sessions and see all the packets for each session coming to IIS.
I need this cause I want to check all the incoming dbms query requests that will be submitted to database before they got executed.
Do you think what I want to do is feasible? Will the http sessions packets include query information?
How could I achieve my goal and from what should I start?
I tried to search on internet but could not get the proper solutions to the problem.
I will really appreciate if you can let me know more detailed step by step instruction to achieve my goal.
Thank you
Related
Let's say I am using multiple connections to download one file from an nginx server. Most of the time its limited to like 2 connections. Is there a way to ask the server how many it is allowing? Or do i have to trial and error to find it by myself
I think you're looking for a robots.txt. Perhaps the property "Crawl-delay" may help you if the site specifies that.
Typically you don't want to expose too much information about the technical setup and configuration of your server to the public for security reasons. Of course hiding such information is not gonna prevent persistent adversaries from attacking your server but at least it's gonna make it harder for the script kiddies. But for this reason I have my doubts that NGINX exposes a public API with such information.
To prevent DOS attacks in my ASP.NET C# application, i have implemented throttling with help of Jarrod's answer in this post.
Best way to implement request throttling in ASP.NET MVC?
But this uses Ip address, which makes it vulnerable to advanced attackers who can change it easily. Another option to identify anonymous users is to use their session ID. I think that it can't be changed until the user restarts the browser, so it can be a good alternative. But i am not sure from the security point of view. Kindly tell me if it is safe or not to use it? If not, then is there any other method to achieve this purpose? Thanks
Edit:
There are some methods that need a longer throttle. That's why i need a programmatic throttle of about 5 secs to 2 mins. I have configured Dynamic Ip Restrictions for IIS, but i can't specify such large time for it.
I think your terminology might be mixed up. DoS is Denial of Service. Someone changing multiple records or requesting functionality is not a DoS attack and normally, most DoS attacks are Distributed, hence DDoS.
What you are requesting based on the link you provided is called throttling... but as others have suggested, the sessionid is simply a value passed up in a cookie and can be easily modified to bypass a check just as you can simply put a proxy in front of the request to mask the source IP between requests.
Therefore, if you only wish to throttle then you need to implement authentication in front of the functionality you want to protect, use the throttling code you posted and maybe throw a CSRF token in as well for good measure.
BUT... if you want to stop DDoS, it ain't going to happen at Layer 7 since the data is already at the server.
I have read a lot on scaling out in signalr and the favourites seem to be those mentioned in :
http://www.asp.net/signalr/overview/signalr-20/performance-and-scaling/scaleout-in-signalr
Namely the following service buses:
- SQL
- Redis
- Azure
The problem is is even stated in the text however:
"Using a backplane, the maximum message throughput is lower than it is when clients talk directly to a single server node. That's because the backplane forwards every message to every node, so the backplane can become a bottleneck."
I am creating...wait for it... YEP! A chat application. And I want to be able to scale it out to MILLIONS of users. Regardless of whether I make it big (ha!) or not, I plan on documenting the step by step process. Now I have most of the app ready, and I am wondering about this scale out issue. I watched this, highly useful video:
http://channel9.msdn.com/Events/Build/2013/3-502
Skip to 55 minutes. "Custom scale-out". And the other ideas such as filtering the message bus.
Now hopefully you're excited and not contemplating suicide over the boredom I am ushering unto you...
My idea is to do as follows:
- per popular rooms give a single server
- each room therefore can easily cope with the traffic and signalr can work nicely broadcasting to the clients and storing the message log to a GROUPS server (ie holds all group messaging per group)
- Then private messaging will need to either use a backplane or server push
- the user connections will therefore need to be updated in a sql server DB (easy enough) and the data posted via ajax rather than signalr
However, I want to explore all options. (Please post any better ideas if you have them) I want to also try testing REDIS for the private messaging. WHY?!! Because what if I want the users to be able to have private messaging groups... and users 1,2 and 3 are all highly annoying and are on servers 1,2 and 3. (Ah you little ...!) For better performance though, I will want to implement a Redis message filter to only send to the servers with the clients on them!
So, what exactly am I looking for? Basically I need resources. I can't find any useful Redis message bus examples (asp.net example has no filter. yes, I can add the AddResolverblabla line! :) )
I also need examples of the following:
- server to server ajax post: I am a server noobie!
- a load balancer example to specify a certain room per chat room (or just some page)
- how many messages can the Redis message bus handle? Will it easily be a bottle neck even with the filter? I cant find any example of performances WITH a filter
Finally I need your brains! ;) If you are sat there thinking there's a better way, please let me know.
Many thanks to all who read this essay, I look forward to your replies. (Please up-vote this if you find it useful! There's a lot of forums with similar questions, but no proper answers)
I plan to start answering this as I find documentation. Hopefully more will join!
1.
How to define a connection string to a SQL Server 2008 database?
2.
SQL Server filter:
http://msdn.microsoft.com/en-us/library/windowsazure/microsoft.servicebus.messaging.sqlfilter.aspx
3. web farm
http://weblogs.asp.net/scottgu/archive/2010/09/08/introducing-the-microsoft-web-farm-framework.aspx
4. WF tutorials:
http://www.asp.net/web-forms/tutorials/deployment/configuring-server-environments-for-web-deployment/creating-a-server-farm-with-the-web-farm-framework
3/12/2014
A possible better solution is to use memecache - what facebook is based on
still need to find whether you can specify: use signalr or use redis message bus.
still need to find redis filter tutorials
14/03
GlobalHost.DependencyResolver.UseRedis("server", port, "password", "AppName");
Defines the servers to use redis. Need a filter
6/10/2014
After more research on scaling out, a possibleanswer is to not think of servers as a web of communications, but self-contained. The server uses sends to update the DB and using a timer you can get all the required information (messages etc) each loop from the DB for the users CURRENTLY logged in to that server. As such, it will scale out much easier. Not cheaply however.
So I want to create a Multi-Client/Server application. I know multiple clients can connect through one port, and I want to allow for the messages to be stored in a list when the server is "offline".
I'm having trouble finding information online to help me understand how the server can tell the difference between the multiple clients on the port. For example, if a 2 clients send messages to the server while it is offline and I store them in a list, how would I be able to tell the server that this message came from this client first so answer that, and then this message came from this client next?
Is there any information online on an easy way to achieve this? Any help would be greatly appreciated.
Sorry, I didn't make it very clear. I'll try again! Ok basically I want like a middleware between them so that the clients contact the middleware with the message, the middleware checks if the server is online and if so it sends it on, otherwise it will store the message(s) until the server is connected again. Does this make more sense? I'm not great at explaining myself, sorry again!
There seems to be some confusion of concepts here. When client are not connected they obviously can't send anything to the server and also don't have a port. Conversely, when the server is running and clients connect to it, the server has an object for each connection, representing each client.
Currently I'm tring an telnet client sample written by C# to connet a data acquisition unit, I could connect the server and send the commands, but I always received the same data (I cound't post images, the data is{255,253,3,255,254,1,255251,1}). I also do some research, seems this problem is related telnet protocol/negotiation, but I don’t have any more idea and experience on that what should I do, could anyboday please help to look at it? any suggestion & solution is appreciated.
others, I could directly use the telnet of OS to execute related commands to see the correct data.
If you don't need to display anything in a terminal window, respond to DO & WILL with WON'T to all offers. Replace 253/254 with 252 and send back to server. There maybe more negotiation from the server. Respond again as described above. After negotiation, log-in & password should follow, unless authentication is disabled. A successful log-in will follow copywright and other info till the user-prompt arrives. Now you are able to send OS-commands and process the response you get.