Re: IP based instant throttle?

2001-06-11 Thread Perrin Harkins
[EMAIL PROTECTED] (Randal L. Schwartz) wrote: > I'm told that my CPU throttler > was used at etoys.com for a similar purpose, and permitted them to > keep from losing millions of dollars of revenue due to people > spidering their catalog. That's correct, although it was actually a bunch of DoS at

Re: IP based instant throttle?

2001-06-08 Thread Justin
all. You've got to have a big bag > of tricks. Don't just look for one solution. > > Jeremy > > -Original Message- > From: Martin Redington [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 07, 2001 6:08 PM > To: [EMAIL PROTECTED] > Cc: Justin >

Re: IP based instant throttle?

2001-06-08 Thread Justin
good ideas, thanks. as someone said its cloggage on the backend due to either SQL server contention or more likely largish pages draining to the user even with all the buffers en-route helping to mitigate this. you can't win : if they are on a modem they can tie up 8 modperl demons, and if they a

RE: IP based instant throttle?

2001-06-08 Thread Christian Gilmore
You'd want to look at the scoreboard. mod_throttle_access (http://www.fremen.org/apache/) does this function based upon URI. The only changes would be to base it upon client IP and change the scope to allow it to be outside a block. It would be a minor change. Regards, Christian > -Original

Re: IP based instant throttle?

2001-06-08 Thread Roman Maeder
[EMAIL PROTECTED] said: > Well, if the reason you're throttling is to block excessive usage of > the machine, the full monty of CPU limiting will do that just fine, one kind of DOS would not be caught by looking at CPU usage, it is one that I have experienced a number of times, namely the use o

Re: IP based instant throttle?

2001-06-08 Thread Randal L. Schwartz
> "Ken" == Ken Williams <[EMAIL PROTECTED]> writes: Ken> [EMAIL PROTECTED] (Randal L. Schwartz) wrote: >> It would be pretty simple, basing it on my CPU-limiting throttle that >> I've published in Linux Magazine >> . Just grab a >> flock

Re: IP based instant throttle?

2001-06-07 Thread Ken Williams
[EMAIL PROTECTED] (Randal L. Schwartz) wrote: >It would be pretty simple, basing it on my CPU-limiting throttle that >I've published in Linux Magazine >. Just grab a >flock on the CPU-logging file in the post-read-request phase instead >of wri

Re: IP based instant throttle?

2001-06-07 Thread T.J. Mather
Hi Justin, What about the case where you would have several people accessing the site from behind a firewall at the same time? They would appear to be coming from the same IP Address. > On Friday, June 8, 2001, at 01:50 am, Justin wrote: > > > Does anyone see the value in a Throttle module th

Re: IP based instant throttle?

2001-06-07 Thread Martin Redington
Do you get flooded that frequently that this is an issue? I've seen DOS, and various buffer overflows etc. in the real world, but I've never seen this. Unless its happening very often, I would have thought that some monitoring and a 2am "Deny from ip" in your httpd.conf would be enough ...

RE: IP based instant throttle?

2001-06-07 Thread Jeremy Rusnak
rt, but it isn't the end all. You've got to have a big bag of tricks. Don't just look for one solution. Jeremy -Original Message- From: Martin Redington [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 07, 2001 6:08 PM To: [EMAIL PROTECTED] Cc: Justin Subject: Re: IP based i

Re: IP based instant throttle?

2001-06-07 Thread Randal L. Schwartz
> "Justin" == Justin <[EMAIL PROTECTED]> writes: Justin> Does anyone see the value in a Throttle module that looked at Justin> the apache parent status block and rejected any request where Justin> another child was already busy servicing *that same IP* ? Justin> (note: the real IP is in the