[Bug 392759] Re: apache2 DoS attack using slowloris

2010-03-31 Thread Bug Watch Updater
** Changed in: apache2 (Debian) Status: New => Fix Released -- apache2 DoS attack using slowloris https://bugs.launchpad.net/bugs/392759 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-11-11 Thread Oliver
The connlimit module in iptables is an excellent defence against Apache Denial of Service attacks. However, since upgrading to Karmic, iptables is no longer blocking simultaneous connections when requested for me. I had previously been using: iptables -A INPUT -p tcp --syn --dport 80 -m connlimit

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-10-14 Thread Pedro Villavicencio
** Changed in: apache2 (Ubuntu) Status: Confirmed => Triaged

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-10-07 Thread Bug Watch Updater
** Changed in: apache2 (Debian) Status: Confirmed => New

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-28 Thread Kees Cook
** Changed in: apache2 (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-27 Thread Dekar
** Changed in: apache2 (Ubuntu) Assignee: (unassigned) => Dekar (dekar-wc3edit) ** Changed in: apache2 (Ubuntu) Assignee: Dekar (dekar-wc3edit) => (unassigned) ** Changed in: apache2 (Ubuntu) Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-23 Thread Kees Cook
Changing the priority doesn't really change the availability of a solution. :) But I don't mind classifying it this way. ** Changed in: apache2 (Ubuntu) Importance: Wishlist => High

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-22 Thread Dekar
Can't you at least change the importance level? It is way more important than wishlist, it is one of the worst things that could happen to a fresh Ubuntu server installation! Concerning to the guidelines it should be high!

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-22 Thread vhahn
Second this. This is a high priority security bug. You can't seriously classify this as wishlist?!

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-21 Thread Jonathan Marsden
Apparently apache2-mpm-worker *is* the default choice of mpm, at least some of the time (though the machine I first checked on had apache-mpm-prefork, I am unsure why). My mistake, it would appear. Using apache2-mpm-prefork would appear to be a viable workaround, unless it leads to performance

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-21 Thread Dekar
It is a serious remote denial of service! It can be used from a single modem line and take down a whole server without generating any logfiles except normal access logs. It's funny how you guys treat it as Wishlist for three months even though it's one of the worst remote denial of service attacks

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-21 Thread Dekar
** Bug watch added: Debian Bug tracker #533661 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=533661 ** Changed in: apache2 (Debian) Importance: Undecided => Unknown ** Changed in: apache2 (Debian) Status: New => Unknown ** Changed in: apache2 (Debian) Remote watch: None => Debian

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-21 Thread Bug Watch Updater
** Changed in: apache2 (Debian) Status: Confirmed => New

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-21 Thread Dekar
** Changed in: apache2 (Debian) Status: New => Confirmed

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-21 Thread Stefan Fritsch
Some comments: - All Apache MPMs are affected. The sole exception may be if you use the event MPM without SSL. - The slowloris attack leaves plenty of error 400 entries in the access log. - Using iptables connlimit with a reasonable maximum number of connections per IP (like 1/5 or 1/10 of what

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-21 Thread Kees Cook
I'm not aware of a reasonable upstream solution to this yet; it is a detectable, direct, denial of service, so there are methods that admins can use to work around (iptables, etc).

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-20 Thread Dekar
high: A real problem, exploitable for many people in a default installation. Includes serious remote denial of services, local root privilege escalations, or data loss. Thus it should be changed to HIGH and fixed ASAP! ** Also affects: apache2

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-09-20 Thread Jonathan Marsden
Dekar: Did you actually test this at all? Please provide some evidence to support your claims. You have said that you believe this issue is: A real problem, exploitable for many people in a default installation. Includes serious remote denial of services, local root privilege escalations,

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-06-30 Thread Marc Deslauriers
** Changed in: apache2 (Ubuntu) Importance: Undecided => Wishlist ** Changed in: apache2 (Ubuntu) Status: New => Confirmed

[Bug 392759] Re: apache2 DoS attack using slowloris

2009-06-27 Thread LiraNuna
** Visibility changed to: Public