Defending Against Denial-of-Service Attacks

Someone could start a denial-of-service attack against an installation of Microsoft® BizTalk 2009 Accelerator for RosettaNet (BTARN) by stressing the RNIFReceive.aspx receive page. They could do so by sending large numbers of empty messages to that page. If left unchecked, such an attack could flood the event log with events published by the ASPX receive page.

To defend your server against denial-of-service attacks, it is recommended that you maintain the event log at a reasonable size and take steps to deal with excessive numbers of events. You can accomplish this by setting the maximum log size, selecting a way of overwriting events, or using Windows® Management Instrumentation (WMI) to manage the size of the log. For more information, see Help for Microsoft Windows Server™.

Other Resources


Community Additions