Overnight we had 35000 instances of the Microsoft Windows IIS denial-of-service attempt. The weird part was that we were having lots of internal communication problems. I could ping devices at a branch, but they couldn't get to some internet sites or internal web sites. We route all our traffic back though our data centers to be filtered by our firewalls. The problems only went away when I moved the IDS to detection mode instead of prevention.
... View more
