Microsoft Switzerland Security Blog

Security informations brought to you by the Swiss Security Team.

Anti-DoS Dynamic IP Restrictions for IIS 7.0 Hits Beta2

Anti-DoS Dynamic IP Restrictions for IIS 7.0 Hits Beta2

  • Comments 1
  • Likes

Microsoft has made available for download the second Beta development milestone of an anti-DoS extension for version 7.0 of Internet Information Services [IIS].
The Microsoft Dynamic IP Restrictions for IIS 7.0 has reached Beta2 and is up for grabs via the Microsoft Download Center in two flavors, 32-bit (x86) and 64-bit (x64).

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=a0920a32-b63d-4e13-8e42-7ad7ad9b3168

The Dynamic IP Restrictions Extension for IIS provides IT Professionals and Hosters a configurable module that helps mitigate or block Denial of Service Attacks or cracking of passwords through brute-force by temporarily blocking Internet Protocol (IP) addresses of HTTP clients who follow a pattern that could be conducive to one of such attacks. This module can be configured such that the analysis and blocking could be done at the Web Server or the Web Site level. The module includes the following features:

  • Seamless integration into IIS 7.0 Manager.
  • Dynamically blocking of requests from IP address based on either of the following criteria:
    • The number of concurrent requests.
    • The number of requests over a period of time.
  • Blocking of requests can be configured at either site or server level.
  • Configurable deny actions allows IT Administrators to specify what response would be returned to the client. The module support return status codes 403, 404 or blocking the requests entirely.
  • Support for IPv6 addresses.
  • Support for web servers behind a proxy or firewall.

- Urs


Comments
  • Need to be able to select the type of hack attempt ie. login failed attempts.

    This will counts all requests which makes this useless in practice.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment