Submit a ticketCall us

WebinarUpcoming Webinar: Know What’s Changed – with NEW Server Configuration Monitor

Change management in IT is critical. But, even with a good change management process, changes are too often not correctly tracked, if at all. The configuration of your servers and applications is a key factor in their performance, availability, and security. Many incidents can be tracked back to an authorized (and sometimes unauthorized) configuration change, whether to a system file, configuration file, or Windows® Registry entry. Join SolarWinds VP of product management Brandon Shopp to discover how the new SolarWinds® Server Configuration Monitor is designed to help you.

Register now.

Home > Success Center > Orion Platform > Orion - Knowledgebase Articles > SolarWinds is detected as the source of a Denial of Service attack

SolarWinds is detected as the source of a Denial of Service attack

Table of contents

Updated February 13, 2018

Overview

This article provides information about why SolarWinds might be identified by security tools as the source of Denial of Service attack.

Environment

  • All SolarWinds products

Detail

SolarWinds is commonly identified as the source of a Denial of Service attack. This happens because SolarWinds polls information using ICMP, SNMP, and WMI. It collects information every 2 minutes by default. Another reason is that SolarWinds uses fast polling if it did not receive information from a monitored node or a node does not reply to a SolarWinds request. 

 

For more information, see this article:

https://thwack.solarwinds.com/thread/41933

 

Recommendation: 

We recommend exempting SolarWinds from your security scan. 

 

 

Last modified

Tags

This page has no custom tags.

Classifications

Public