Preventing DoS attacks via Forms

[jojo11]

We are starting to receive some attempts to submit website URL's and the like via forms on our enterprise site. We are not concerned about the content since we scrub submissions. However we are concerned about someone attempting a DoS attack by having a tool to repeatedley make bogus submissions.

We have thought about using the noisy image method, but that seems to have to occur server side which would not prevent a DoS.

Are there any good approaches to prevent these?

Thanks,
Joe

-------------------------------------------
Ummm, we have a bit of a problem here....

 

[PcLinuxGuru]

Im in the same boat you are. Currently implemting captcha image as if the numbers don't match the form isn't sent. If there is a better way of doing this without forcing a user login please holler.

 

[MichealC4]

How about setting up a session (PHP, ASP, JSP all allow this), maintaining it across the contact form, and increasing the count++ each submit attempt? Once the count reaches the limit, deny them access to the form. I would suggest doing this in addition to a visual confirmation test and/or something else.

----------------------------
"Will work for bandwidth" - Thinkgeek T-shirt