Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Reporting DoS vulnerabilities


oswaldo_olivo

Recommended Posts

@@wHiTeHaT Thanks for the link. I'm familiar with DOS attacks but DOS vulnerabilities implies something else. In either case, it isn't something that would be handled by the oscommerce code, at least that I can see. But maybe I'm still not understanding the question.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

@@Jack_mcs , i think the OP run such software on it, and that soft tells by default to "contact the manufacturer" of the soft to show him the report.

 

I cannot imagine a security expert will go ask for the contact details in a forum, to it's forum users.

 

As it is clearly easily to find out?

 

 

 

 

Let's hope it is just like i think it is lol.

Link to comment
Share on other sites

DoS attacks are normally taken care of the hosting provider. A DoS attack normally has nothing to do with any specific application vulnerabilities, but is an attempt to bog down and overpower the server by deliberately sending excessive requests to a site. You can somewhat block one via .htaccess DENYs (if you can see a small set of offending IP addresses), but it is usually better handled higher up the food chain by the host. 

 

If this is actually a Distributed DoS attack, with incoming requests from zombied computers all over the world, the only recourse may be to block everything from your site for a while, until the attacker gives up or loses interest. Then you can restore service, hoping that the attacker has moved on to something else. Talk to your host about what they can do.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...