Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

DOS attack against server

 
john price
Ranch Hand
Posts: 495
Chrome Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So I have a server. People can do simple DOS attacks by just telneting my server from their machine. This locks up my server for a bit. When it comes back, the server GUI doesn't work, but the server resumes normal activities. The server is a very advanced messaging client with features such as login, register, change password, delete account, change color, mod functions and many other things. What I've found is when people use the DOS attacks (such as telnet), my program throws ConcurrentModificationExceptions all over the place. I have reduced the downtime of the server (initial lockup of attack) during a DOS attack, but it still goes down for a few seconds. I have it set up to where the server just "posts" the messages when it is done. Please note that the people who have send DOS attacks are testers and that I am not being REALLY hacked, yet. Before I put more time into this project (as I've put a LOT of time into it already), I need to stop these attacks. I was thinking like :

This is REALLY bad pseudo code, but you get the idea. Is this the right way in going about blocking DOS attacks. What happens is they stream so much traffic (not through the intended client), that it locks up my server for a few seconds...

Thanks,
John Price

EDIT: I would have to accept them first then check for IP address to see if they have sent x number of packets/messages/etc in x number of seconds. This is besides the point, because I need to know HOW to do it. This is just a random solution that may work...Anyway, current security, blocking spammers/hackers/etc, etc is all based on IP addresses.
 
john price
Ranch Hand
Posts: 495
Chrome Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I partially figured out a solution for this. I added the line inside of a try/catch statement:


This ensures that the handshake is started, which means they don't connected unless they are connected of course. This no longer locks users or the server out of anything and there is no delay. There is still one problem. With this (I'll post short code), if someone is attacking, the client waits to be connected until the "attack" (telnet or otherwise) is done. So users who are already connected to the server when the "attacks" happen are find, but others can't connect until the "attack" stops. How to allow other users to connect while being "attacked"?

Yes, the "*" aren't in my real code.
Thanks,
John Price
 
john price
Ranch Hand
Posts: 495
Chrome Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If I could just get "startHandshake()" to time out, I could set that to 3 seconds or so. If the handshake was not initialized, then I could cut off the client. How to do this? Good idea or do you have a better one?

Thanks,
John Price
 
john price
Ranch Hand
Posts: 495
Chrome Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I finally fixed this DOS attack. I did personal testing, but will have outside testers test tomorrow :

Manager


Seems to be fixed, but will post confirmatory update tomorrow.

Thanks,
John Price
 
john price
Ranch Hand
Posts: 495
Chrome Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
All the tests carried out seemed to be successful. *Closes topic*

John Price
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic