Anshul Mohan Gupta created THRIFT-5779:
------------------------------------------
Summary: Thrift server getting killed for incomplete requests
Key: THRIFT-5779
URL: https://issues.apache.org/jira/browse/THRIFT-5779
Project: Thrift
Issue Type: Bug
Components: C++ - Library
Affects Versions: 0.12.0
Reporter: Anshul Mohan Gupta
Assignee: Anshul Mohan Gupta
The thrift server is getting killed when using security port scan tools in the
hosts running the thrift server. These tools try to connect to the open ports
by sending requests to the ports, and the error can happen when accept syscall
call, waiting for an incoming connection, or receiving a connection that
terminates before the accept process completes, hence killing the thrift
server. This can cause potential DoS (Denial of service) attacks on the
applications running the thrift server, causing them to become unresponsive.
Sometimes, even just running the netcat (nc -zvvvw2 <hostname> <thrift server
port>) on the port remote can kill the entire thrift server, making it
unresponsive.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
