A DoS attack is launched by failing to complete the handshake that is implicit in the creation of a TCP connection. The attacker attempts to create a large number of partially open TCP connections.
|
Increasing the idle connection timeouts is unrelated to this type of attack.
The time within which a TCP handshake must complete is a separate threshold that is governed by the Windows TCP/IP stack.
|
A DoS attack is launched against IIS by opening a large number of TCP connections but never issuing an HTTP request over any of them.
|
Increasing the idle connection timeouts is unrelated to this type of attack.
IIS mitigates this threat by requiring that a client submit a fully-formed HTTP request within a certain time before dropping the connection. The name of the Connection Timeout setting in the IIS management console is misleading; TCP connections are closed when the Connection Timeout value is exceeded (120 seconds by default).
|
An attacker establishes a large number of TCP connections, issues HTTP requests over all of them, but never consumes the responses.
|
Increasing idle connection timeouts is unrelated to this type of attack.
This threat is mitigated by the same timeout as the previous scenario. The Connection Timeout setting in IIS defines the time within which a client must issue either its first request after a TCP connection is established or a subsequent request in an HTTP keep-alive scenario.
|
