Sometime Today, Hiten Desai assembled some asciibets to say:
I m having dos attack on my apache web server
It is most likely someone who is infected with Nimda or a similar worm. Do a whois on the IPs, and contact the administrators. I've had a lot of success with this method alone.
which is also simeltenously having our imap as well as pop3 server have checked with top it some times of the
You probably shouldn't have all these on the same machine. pop3 and imap are insecure protocols (imap is more secure, but still crackable). You should ensure that they are at least not accessible via the net.
doesnt have any solution for the timebeing he says to stop and restart the httpd service when it happens
You can try blocking those IPs (through tcpd or ipchains), or blocking those specific request urls in apache. Check apache docs for this. It should be something like:
<Files .*.exe> deny from all </Files>
but check anyway
we are having dedicated connection and around 500+ email users please infrom me if there are any monitoring tools for sendmail /dos attack /apache which can be monitored in
search freshmeat.net. There are a few out there. Search in the log analyser category.
Philip