We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

View Complete Thread
  • Re: How can I find out attack attempts

    Oct 26, 2020 02:23 AM|samwu|LINK

    Hi fernando-sianet,

    We have lot of tools and techniques available to identify DOS attacks. But, the classical way is to look at various log files and that’s where LogParser will help us a lot. the LogParser can identify Denial of Service attacks from IIS Logs.

    For a normal production server, we will see lot of log files in IIS logfiles folder. One classic way people follow as a preliminary step is to check for patterns in the sizes of those log files. If they see a sudden spike in size, they will pay attention to those log files to check if they have recorded any malicious attempts. Instead of scrolling through that large list of LogFiles in windows explorer, we can leverage LogParser to query the sizes of those files. 

    More information about how to identify whether our application had undergone a DOS attack or not from the IIS logs you can refer to this link: Log Parser - Identifying DOS attacks from IIS Logs

    IIS.NET forums are moving to a new home on Microsoft Q&A, we encourage you to go to Microsoft Q&A for .NET for posting new questions and get involved today. Learn more >