We have a server which runs a service on port 80. For the past 4 hrs, I can't get it to work and I just figured out a couple things and I have no idea how to fix it.
A) With the firewall open for port 80 connections;
1) CPU usage is around 50% (45% DPC Deferred Procedure Calls)
2) Telnet localhost 80 wont work.
B) With the firewall closed for port 80 connections;
1) CPU usage is 0%-1%
2) Telent localhost 80 connects.
I'm pretty sure it is someone sending a dos attack, but I don't know how to find his ip address. If anyone knows how I can find incoming ip addresses to a server, I would be grateful. If it can be something else, please share that info as well. Any help/advice would be much appreciated.
thanks
-Phil
A) With the firewall open for port 80 connections;
1) CPU usage is around 50% (45% DPC Deferred Procedure Calls)
2) Telnet localhost 80 wont work.
B) With the firewall closed for port 80 connections;
1) CPU usage is 0%-1%
2) Telent localhost 80 connects.
I'm pretty sure it is someone sending a dos attack, but I don't know how to find his ip address. If anyone knows how I can find incoming ip addresses to a server, I would be grateful. If it can be something else, please share that info as well. Any help/advice would be much appreciated.
thanks
-Phil