IIS DDoS exploit

  1. #1
    Apprentice Fibfbi
    Rank: Member
    Join Date: May 2019
    Posts: 20

    IIS DDoS exploit

    Hey guys, someone came on my hotel and told me there's a DDoS exploit in IIS.

    How do I fix this? Supposedly you can down someone's IIS web server with this IIS DDoS-type exploit, even if you have an HTTP proxy & Cloudflare combo etc.
    Last edited by Fibfbi; 31-05-19 at 07:13 PM.


  2. #2
    Apprentice DeniTO
    Rank: Member
    Join Date: May 2019
    Posts: 8

    Re: IIS DDoS exploit

    Never heard of anything like that before.
    I have been using IIS for ages, and never had an issue with such things.
    Perhaps you need to check your setup again, if you are getting attacks on your server.

  3. #3
    Apprentice Fibfbi
    Rank: Member
    Join Date: May 2019
    Posts: 20

    Re: IIS DDoS exploit

    Quote (originally posted by DeniTO):
    Never heard of anything like that before.
    I have been using IIS for ages, and never had an issue with such things.
    Perhaps you need to check your setup again, if you are getting attacks on your server.

    You're wrong, there is an exploit. Your hotel isn't big enough, this is why you haven't been attacked; only a few know about this. They can down your server with a specific attack via an IIS exploit, but you need to patch it via a few lines of code. I don't know what the code is though.

  4. #4
    Check http://arcturus.pw The General
    Rank: Developer
    Join Date: Aug 2011
    Posts: 7,607

    Re: IIS DDoS exploit

    Sounds like you want rate limiting and IP filtering? IIRC there was a module for that. Haven't used IIS in years.

    Also make sure to update to the latest version if you haven't already just to be sure.

  5. #5
    Apprentice Fibfbi
    Rank: Member
    Join Date: May 2019
    Posts: 20

    Re: IIS DDoS exploit

    Quote (originally posted by The General):
    Sounds like you want rate limiting and IP filtering? IIRC there was a module for that. Haven't used IIS in years.

    Also make sure to update to the latest version if you haven't already just to be sure.

    No, I do not want this.

  6. #6
    Apprentice DeniTO
    Rank: Member
    Join Date: May 2019
    Posts: 8

    Re: IIS DDoS exploit

    Quote (originally posted by Fibfbi):
    You're wrong, there is an exploit. Your hotel isn't big enough, this is why you haven't been attacked; only a few know about this. They can down your server with a specific attack via an IIS exploit, but you need to patch it via a few lines of code. I don't know what the code is though.

    So, how can you judge my hotel if you don't even know me? I ran several popular hotels with 70-100 users and never had issues with IIS.
    Just check your config smh, check the firewall, get a better server idk

  7. #7
    Apprentice rstrui
    Rank: Member
    Join Date: Mar 2019
    Posts: 14

    Re: IIS DDoS exploit

    No such IIS exploit; I've been using IIS for years.
    I don't recommend using Cloudflare, even if you pay.

    By using CF, your hotel will get taken down so easily; there are sites that only support taking down websites which use Cloudflare's HTTP.
    I recommend you stop using CF if you don't have Enterprise and start using Blazingfast, Hyperfilter or Sucuri.

  8. #8
    j’aime ma famille dominic
    Rank: Member
    Join Date: Aug 2012
    Location: ~/
    Posts: 611

    Re: IIS DDoS exploit

    https://www.youtube.com/watch?v=EK5pPPCZOBA taking every IIS installation down since 07

  9. #9
    Gaby
    Rank: Member
    Join Date: Apr 2013
    Location: Viva Hollandia
    Posts: 1,607

    Re: IIS DDoS exploit

    Yes, this exists. When I was still doing retros, I've never been able to solve this. I recommend the Cloudflare under attack mode, it seems to do the trick.

  10. #10
    Account Upgraded | Title Enabled! Chapo
    Rank: Member
    Join Date: Jul 2010
    Location: United States
    Posts: 944

    Re: IIS DDoS exploit

    Quote (originally posted by dominic):
    https://www.youtube.com/watch?v=EK5pPPCZOBA taking every IIS installation down since 07

    Ez, you just have to know how an 'installation' works

    Quote (originally posted by Gaby):
    Yes, this exists. When I was still doing retros, I've never been able to solve this. I recommend the Cloudflare under attack mode, it seems to do the trick.

    It's in the App Pool/FastCGI settings, no Cloudflare under attack needed.

  11. #11
    Gaby
    Rank: Member
    Join Date: Apr 2013
    Location: Viva Hollandia
    Posts: 1,607

    Re: IIS DDoS exploit

    Quote (originally posted by Chapo):
    It's in the App Pool/FastCGI settings, no Cloudflare under attack needed.

    Nice, I've never known this!

  12. #12
    j’aime ma famille dominic
    Rank: Member
    Join Date: Aug 2012
    Location: ~/
    Posts: 611

    Re: IIS DDoS exploit

    Quote (originally posted by Chapo):
    Ez, you just have to know how an 'installation' works
    It's in the App Pool/FastCGI settings, no Cloudflare under attack needed.

    It can't be fixed without CF :b

  13. #13
    Mr VPS - Cheap VPS Server NOC
    Rank: Member
    Join Date: Sep 2011
    Location: Liverpool, UK
    Posts: 841

    Re: IIS DDoS exploit

    As a service provider, I have assisted countless hotels with their hotel services.

    This is what we do / advise on a low budget:

    1) Cloudflare free with Under Attack mode enabled
    2) IIS Dynamic IP Restrictions set up to only allow connections from the Cloudflare IP ranges, otherwise set it to drop the connection (also removes the need for TCP proxies)

    If not on such a tight budget and you can afford $20, then go for Sucuri and tweak their default settings from the control panel.

    We have helped loads of clients with this and only seen actual rented ($ per hour) DDoS services get past this, not the cheap booters people buy for $10.
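
Step 2 of the post above, as an added example that is not part of the thread or any poster's configuration: it uses the `ipSecurity` section of IIS's IP Address and Domain Restrictions feature (IIS 8 or later, role feature installed, elevated PowerShell), IPv4 only. The site name and the CIDR list are assumptions; the ranges shown are documentation placeholders, to be replaced with the IPv4 list Cloudflare publishes.

```powershell
# Added example (not from the thread): allow-list CDN ranges on one IIS site.
Import-Module WebAdministration

$site   = 'Default Web Site'          # assumption: replace with your site name
$root   = 'MACHINE/WEBROOT/APPHOST'   # ipSecurity is locked at server level by default
$filter = 'system.webServer/security/ipSecurity'

# Constructed placeholders (RFC 5737 documentation ranges), NOT Cloudflare's ranges.
# Replace with the current IPv4 list that Cloudflare publishes.
$cidrs = @('192.0.2.0/24', '198.51.100.0/25', '203.0.113.64/26')

# ipSecurity entries take a dotted subnet mask, not a prefix length.
function ConvertTo-SubnetMask([int]$PrefixLength) {
    if ($PrefixLength -lt 0 -or $PrefixLength -gt 32) {
        throw "Invalid IPv4 prefix length: $PrefixLength"
    }
    $bits = ('1' * $PrefixLength).PadRight(32, '0')
    (0..3 | ForEach-Object { [Convert]::ToInt32($bits.Substring($_ * 8, 8), 2) }) -join '.'
}

# 1. Add the allow entries first, so changing the default below cannot lock out the CDN.
foreach ($cidr in $cidrs) {
    $ip, $prefix = $cidr -split '/'
    [void][System.Net.IPAddress]::Parse($ip)   # throws on a malformed address
    $mask = ConvertTo-SubnetMask ([int]$prefix)
    # Skip addresses that already have an entry, so the script can be re-run.
    $existing = Get-WebConfiguration -PSPath $root -Location $site `
        -Filter "$filter/add[@ipAddress='$ip']"
    if (-not $existing) {
        Add-WebConfigurationProperty -PSPath $root -Location $site -Filter $filter `
            -Name '.' -Value @{ ipAddress = $ip; subnetMask = $mask; allowed = 'true' }
    }
}

# 2. Match on the TCP peer address, not X-Forwarded-For, which a direct client can forge.
Set-WebConfigurationProperty -PSPath $root -Location $site -Filter $filter `
    -Name 'enableProxyMode' -Value 'false'

# 3. Abort the connection for any address that is not listed.
Set-WebConfigurationProperty -PSPath $root -Location $site -Filter $filter `
    -Name 'denyAction' -Value 'AbortRequest'
Set-WebConfigurationProperty -PSPath $root -Location $site -Filter $filter `
    -Name 'allowUnlisted' -Value 'false'
```

The published ranges change over time, so the list needs refreshing on a schedule; stale entries either block legitimate proxy traffic or leave a retired range allowed.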


