Joshua Slive [EMAIL PROTECTED] wrote:
Ok. I see the issue better now.
But what really is the point in trying to eliminate the client who
dribbles out data in order to get around the TimeOut? If you are
performing a DDoS, you can easily behave just like an ordinary client
(requesting real
On Wed, Nov 21, 2007 at 02:53:11PM -0500, Joshua Slive wrote:
DDoS is a read herring as far as I'm concerned.
If you have an attacker with a significant DDoS network there is
NOTHING you can do to stop them. They can simply send junk down the
line to tie up your network connection. No
Joshua Slive [EMAIL PROTECTED] wrote:
Apache httpd does log when a connection hits a TimeOut. (Or if it
doesn't, that is certainly a bug that should be reported.) So I don't
really understand the premise here.
If you hit the timeout, the request is logged in the error log at loglevel
error.
That
This sounds like a serious issue and the links/hints I have seen
in this thread do not seem to acknowledge this fact.
If it's a single IP address, then you can block it with the tool of
your choice. That's obvious. But in a DDoS setting, your apache server
is as dead as the parrot in Monthy