Stephanie,
Y'know, it's weird that such a technically simple attack still has no
commonly implemented defenses. I would venture to say that you can
knock out the majority of webservers on the Internet today with a very
small shell script that telnets to it a bunch of times on port 80 and
leaves th
lt-in countermeasures to
stop this sort of attack.. I haven't been able to find anything on
this myself, so would you mind pointing me to the relevant information
in apache's docs? Maybe I'll have to upgrade..
On 5/28/06, Nick Kew <[EMAIL PROTECTED]> wrote:
On Sunday 28 May 2006 19:23, Ser
because of what server-status
says: It's still reading the request, and that includes the IP.
--Graham Frank
-Original Message-
From: Sergey Tsalkov [mailto:[EMAIL PROTECTED]
Sent: Sunday, May 28, 2006 12:50 PM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] need help fighting DoS
Hey guys.. My Apache was hit with a DoS attack, where the attacker was
opening connections to the server and not sending any data. It quickly
reached the MaxClients limit and prevented any further connections to
the server.
The Server Status was filled with lines like this:
7-2 40390/8/8