How to make ddos attack to my web application? - ddos

Hi I have developed web application in angular 5 and hosted in azure cloud. I am trying to prevent ddos attach to my application. I have added below code in my web.config.
<security>
<dynamicIpSecurity denyAction="NotFound">
<denyByRequestRate enabled="true" maxRequests="10" requestIntervalInMilliseconds="2000"/>
<denyByConcurrentRequests enabled="true" maxConcurrentRequests="10"/>
</dynamicIpSecurity>
</security>
Now I want to test my application by making concurrent calls to this application. I have two things here. Currently i have not deployed latest code to azure so above changes not there in my public site. I am trying to test in localhost by sending concurrent requests as ping http://localhost:1148/ -t -l 65000 When i do this i get ping request could not find host error is coming. Can someone help me to make ddos attack? Also i tried to public site as above and same error is poping up. Can someone help me to make attack? Any help would be appreciated. Thank you.

Related

Vue.JS + Socket.IO & Cloudflare

Im trying to run a website with socket.io Vue-Socket.io and want to enable DDOS protection from cloudflare. As I know cloudflare supports websocket-servers such as socket.io.
After I enabled cloudflare successfully and changed the ports of my socket-connection, the google dev console tells me:
Failed to load http://my-domain.com:2083/socket.io/?EIO=3&transport=polling&t=M9uD7PJ: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://my-domain.com.com' is therefore not allowed access. The response had HTTP status code 400.
Someone can tell me what I have to change?
PS: Im working with the vuejs-cli
This is a CORS issue.
In your socket.io server, add the configuration to enable CORS: server.origin().
In your case:
io.set('origins', 'http://my-domain.com:2083');
Again this is a server-side issue, it is just being reflected in Vue. But there's nothing Vue (or the client-side) can do about it.
I played around with some of the examples of #acdcjunior and found a solution finally.
On my server I implemented:
io.set('origins', 'http://my-domain.com:*');
For the clients I connect to the socket server:
export const SocketInstance = socketio('my-domain.com:2082');
don't ask me why, but I tried and tried around for about 7 Hours.. love programming :)

Azure webapp startup host address 127.0.0.1:80 An attempt was made to access a socket in a way forbidden by its access permissions

I have an issue with appears to occur randomly (however i suspect it occurs when starting up the application or changing the application settings). The error I'm getting is as follows:
An attempt was made to access a socket in a way forbidden by its access permissions 127.0.0.1:80
The particular error in my case occurs when trying to generate a authentication token using Identity Framework by making requests to the following url:
https://domainname/api/token
Note that the api/token url is specified within the owin pipeline > OAuthAuthorizationServerOptions > TokenEndpointPath. This get set on startup of the application.
From my understanding 127.0.0.1:80 is azures localhost and is forbidden for us to access, i'm not sure why its defaulting to localhost as a domain, my educated guess is something is happening during the startup that's first setting the host to localhost.
My question is does anyone else get this on startup (while the site is warming up) for azure web apps?
Have i configured something incorrectly for me to be getting this behavior?
I know this is a little open ended but is there anything i can do to resolve this issue?
That is the well-known issue described in the official documentation. You may not to access not just a 127.0.0.1, but i suspect that the problem is even a little different - it looks like something is wrong with the :80 port usage. IIS use that port, and i would try to change the port used by your app.
However, from your description is not clear who is that guy who tries to do that - your app tries to do something with the 80 port, or the Azure WebApp functionality.
Please try to start from the eliminating the possibility of some renewing events by enabling Always On in the Azure Web App setting. It will make your web app always on, and will help to understand if that is caused by the service.

Capture outgoing ASP.NET traffic from windows 10 with Fiddler

I recently upgraded to windows 10, and have discovered an issue that I was able to do on Windows 8.1, but seem to be unable to do on Windows 10.
In my ASP.NET web application I have a controller that receives a GET request and then issues it's own GET request to another server and then sends that response back.
When debugging I have added the following to the application web.config:
<system.net>
<defaultProxy>
<proxy autoDetect="false" bypassonlocal="false" proxyaddress="http://127.0.0.1:8888" usesystemdefault="false" />
</defaultProxy>
</system.net>
Which in 8.1 was able to capture both the local server request and the remote server request. However, I haven't been able to get Windows 10 to do the same.
I did exempt all in the WinConfig settings on Fiddler.
WinConfig won't affect anything; it only relates to Metro/Immersive apps.
If you update web.config to point to a bogus proxy (e.g. 127.0.0.1:1111) does it fail? If not, then your app isn't using the configured proxy settings.
If updating web.config doesn't work, you might try editing the appropriate (probably 64bit) machine.config.

Is there any proxy software (like proxifier) which can use Kerberos authentication?

My company uses PAC file to restrict any outgoing traffic through proxy server. The problem is, a lot of software does not provide the option to 'use IE setting', so that they cannot be connected to the internet.
I checked this PAC file up and found the right proxy server. But after I tried to use the proxy setting for these IE-unfriendly software, they still cannot get online. I used chrome to capture some packages and found the http header containing some Negotiation data. So I assume this proxy server uses some auto login mechanism like NTLM or kerberos.
But after I downloaded the famous Proxifier and tried to reroute the net traffic for some software, NTLM method did not work. I get the 502 error. Bummer...
Any hero comes to help! Am I thinking in the wrong way? Merci beacoup!
This is not a programming question but, did you try
cntlm (http://cntlm.sourceforge.net/) or
ntlmaps (http://ntlmaps.sourceforge.net/)?
Hope this helps

One website on IIS server cannot connect to SMTP host - how to track what happened

I have an ASP website on an IIS server, yesterday I noticed that this certain website was unable to send out any emails as Dynumail (something we use for SMTP emails in code) could not connect to the SMTP host.
This issue was only happening with this website and not any of the others on the same server that also use Dynumail.
Is there a way to track how this might have happened? To resolve the issue I restarted the website through the IIS GUI.
Any help on tracking down (and preventing) this issue would be greatly appreciated!