Re: DOS attack from AS

From: Job Miller <jobmiller_at_yahoo.com>
Date: Thu, 29 May 2008 08:32:34 -0700 (PDT)
Message-ID: <653238.41521.qm@web53903.mail.re2.yahoo.com>

Oracle.com experiences this also.

Take a look at page 9 of this document:

http://www.oracle.com/technology/products/oem/pdf/twp_uxinsight_implementation_case_study.pdf

It talks about how Oracle uses UXInsight to see the impact on performance of this and identify the offenders, by IP (and other network packet data collected from the attacking packets)

interesting stuff.

Job

Louis BROUILLETTE <Louis.Brouillette_at_uqtr.ca> wrote: Once in a while (maybe once a month), our intranet is a victim of what I would call a DOS. Our application server (AS 10.1.2.2) receives hundreds of requests (all the same request with the same parameters) from the a user in a few minutes for a modplsql application. It's impossible for a person to send so much requests in that period of time. It floods the db (10.2.0.3) and everyone hangs.

Each time, it's a different user. Our PC experts scanned the PCs with a variety of antivirus and anti-spyware but found nothing suspicious. Anyone else have experienced something like that ?

Louis Brouillette
Analyste en informatique (DBA)
Universite du Quebec a Trois-Rivieres
Tel: (819) 376-5011 ext. 2435
Email: brouille_at_uqtr.ca

--

http://www.freelists.org/webpage/oracle-l

--

http://www.freelists.org/webpage/oracle-l Received on Thu May 29 2008 - 10:32:34 CDT

This message: [ Message body ]
Next message: Mark W. Farnham: "RE: Overhead of table with empty partitions"
Previous message: Louis BROUILLETTE: "DOS attack from AS"
In reply to: Louis BROUILLETTE: "DOS attack from AS"
Next in thread: Matthew Zito: "RE: DOS attack from AS"
Reply: Matthew Zito: "RE: DOS attack from AS"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message