You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by "Ry." <im...@yahoo.com> on 2005/03/08 16:04:12 UTC
Protecting Axis from Denial Of Service Attacks
Hi, can you please let me know what are good ways to protect a web service from denial of service attacks. For my school project I need a write a section on this and, hopefully, create handler(s) to secure my simplish Axis service.
>From what I've read, it seems that I should validate the schema, and check parameters are within permitted ranges.
I also read that I should block unknown IP addresses, but I don't know how to do this with Axis/Tomcat. Is this a job, instead, for the firewall?
Should I use an XML security gateway/firewall, or rely on the application server?
Any info/thoughts/links, etc would be really appreciated
Thanks very much - have a nice day!.
Ry.
---------------------------------
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web