Hi. I'm new to the list, and i hope not to be posting out of topic.
I've been trying to do this (read byte to byte the client request)
since a while, with no success. I've asked in the modules list also.
My idea is to be able to know the time between every char that
arrives. Why? because we've
no chance ?
Ivan Barrera A. wrote:
Hi. I'm new to the list, and i hope not to be posting out of topic.
I've been trying to do this (read byte to byte the client request)
since a while, with no success. I've asked in the modules list also.
My idea is to be able to know the tim
Why not use the time since the start of the request instead?
Ok.. i tought about that, but the problem arises when i need to check
every byte.
Why ? , because my input filter is getting control over when a line is
entered. With a little perl script, i'm opening a socket and putting the
same char ov
However, it isn't finished, and I'd like to know more about the status
of the module? What's holding development back
Lack of anyone doing the work.
As an old Apache 1.3 suexec hacker I might be willing to help, but the
code looks a bit nasty!
Well, if you can do the work, a lot of people wi
William A. Rowe, Jr. wrote:
At 11:23 AM 4/20/2005, Ivan Barrera A. wrote:
Ok.. i tought about that, but the problem arises when i need to check
every byte.
Why ? , because my input filter is getting control over when a line is
entered. With a little perl script, i'm opening a socket and pu
You should reimplement the core filter, which will allow you to drive
network socket activity, even if mod_ssl is in place.
i was afraid you might say that :)
It's not nearly as difficult as you might imagine, took me about
three days for mod_ftp's core filter replacement (had to poll both
the dat
.scr files are usually windows screensaver files (exe files with another
extension).
Most probably they are virus/worms/trojan , etc.
If they are bounced to you, as if you were sending them, it is because
someone with windows (outlook probably) has you on the address book, and
his computer is i
Hi..
I've made my peace with trying to read a request byte to byte. However,
i'm still trying to get the time between line-input from sockets.
It is pretty easy to DoS Apache, with a small
(put-your-favorite-scripting-language-here) script, where i input a line
.. wait a little less that the timeo
>> I've made my peace with trying to read a request byte to byte. However,
>> i'm still trying to get the time between line-input from sockets.
>> It is pretty easy to DoS Apache, with a small
>> (put-your-favorite-scripting-language-here) script, where i input a line
>> .. wait a little less that
>> That is true. But the idea beneath this, is detecting the atacckers.
>> Then, issuing the ip to a text file, which will be read by another
>> script that will fed the firewall to block connections.
>> Although it should increase the resources being used, it should be
>> minimal, as they aren't t
> I know that you hate further tips on doing this differently, but I would
> propose to
> simply lower the value of Timeout and KeepAliveTimeout to 3 seconds.
> Even if it would be possible to write a filter which does this job (which I
> doubt) you
> would have to define some kind of "Timeout" a
Hi...
I'm still fighting (probably for a lost cause.. but my boss ask me to
do this).
In the socket activity there are some troubles dealing with timeouts.
It is pretty easy to Anyone DoS any apache webserver.
I want to propose implementing a request timeout time, or at least a
check for incomi
It doesn't.
Rasmus Lerdorf wrote:
> Turn on accept filtering and this problem goes away. Or at least it
> moves to be a kernel-level issue instead of an Apache one.
>
> -Rasmus
>
> Ivan Barrera A. wrote:
>
>> Hi...
>>
>> I'm still fighting (
;>
>>
>>>Turn on accept filtering and this problem goes away. Or at least it
>>>moves to be a kernel-level issue instead of an Apache one.
>>>
>>>-Rasmus
>>>
>>>Ivan Barrera A. wrote:
>>>
>>>
>>>
>>>&
>> How about linux ? how about Windows ? how about (put your favorite OS
>> here) ?
>
>
> Linux has SO_ACCEPTFILTER which doesn't trigger the accept until there
> is data, so accept filtering works on Linux too. Windows? No idea. But
> I bet an Apache DoS would be the least of your worries ther
> You mean the httpready filter? The accept will trigger once the buffer
> is full, so yes, large requests will defeat it eventually, but you still
> get the benefit of not tying up an Apache process until the buffer has
> been filled. The question was regarding just opening up lots of
> connecti
>>>I did fix an issue last year where even with accept filtering enabled
>>>you could DoS any Apache server by simply opening MaxClients connections
>>>and trickling a carriage return to each connection very slowly. So for
>>>people seeing DoS issues like this, I would suggest upgrading to the
>>>
This isn't the correct list for this.
Try the user list.
Andreas Bauer wrote:
> Hello!
>
> Can somebody help me, please?
>
> My OS is Suse 9.2 pro. Apache and Tomcat work for me.
> But If I start Apache with normal httpd.conf, Apache works for me.
> If I paste my lines for Apache-Tomcat Connecti
Torsten Curdt wrote:
> Hey guys,
>
> currently mod_speling does a redirect to the correct
> resource.
>
> Now we have the problem that a legacy client implementation
> does not support redirects *sigh* ...so I was wondering
> whether it would be possible to add support for serving
> the correct
Hi,
I've been working on this mod since a time now. I've done most of the
work before, but i'm working on improve and fix some bugs.
This started as an ugly hack to bandwidth_mod for apache 1.x (really
ugly). Then looking at some other code, i learn how to do it the right
way (using buckets,
Hi All.
I'm working on a bandwidth module for apache.
My question is as follows :
Recently, a user asked me why on windows, he can get higher bandwidth
only with mod_bw. Without it, he can get about 1.6MB/s. Usind the mod,
and setting unlimited , he gets ~9MB/s.
I'm not on my develop system, so
21 matches
Mail list logo