I absolutely need help with this… I’m not an admin so I have to learn really quick when something happens. It appears that people are hitting the file directly, which is causing a slowdown.
I have a HotLink blocker installed on IIS, which basically like URLrewrite on Apache servers. I am using this hotlink blocker on the ad file, so if it is hit directly they get diverted to the front page (I’m trying to get IIS to just drop the connection).
I read an article about DoS attacks, and there were some registry tweaks that basically shorten the TCP connection timeout so DoS attack connections quit sooner. I’m not sure if a software firewall will help, or if I should really look into a hardware firewall.
Any help you have would be appreciated. The attack is ongoing, and I just rebooted the server to implement the registry changes.