Which steps could you take to minimize the effect of a potential (D)DoS attack in IIS?
Question
With a single-server setup for simplicity, which steps could you do to minimize the attacks of a (D)DoS attack? And is it really worth it taking these steps, considering their effectivity and impact on 'normal' users?
[EDIT] I also meant to include steps which you would need inject into your code to apply, not only IIS setup.
Solution
A good point to start it´s having a good firewall that blocks IP when they are doing a lot of petitions per second.
The IIS LockDown Tool can be useful: http://technet.microsoft.com/en-us/library/dd450372(WS.10).aspx
OTHER TIPS
-- Identifying the expected number of users/connection and limiting the connection. -- URLScan can filter out unwanted requests.. search for URLScan on iis.net
:)
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow