[mailto:[EMAIL PROTECTED]
Gesendet: So 28.05.2006 19:50
An: users@httpd.apache.org
Betreff: [EMAIL PROTECTED] need help fighting DoS attack on Apache
Hey guys.. My Apache was hit with a DoS attack, where the attacker was
opening connections to the server and not sending any data. It quickly
reached
It was thus said that the Great Sergey Tsalkov once stated:
Hey guys.. My Apache was hit with a DoS attack, where the attacker was
opening connections to the server and not sending any data. It quickly
reached the MaxClients limit and prevented any further connections to
the server.
For
Hey guys.. My Apache was hit with a DoS attack, where the attacker was
opening connections to the server and not sending any data. It quickly
reached the MaxClients limit and prevented any further connections to
the server.
The Server Status was filled with lines like this:
7-2 40390/8/8
because of what server-status
says: It's still reading the request, and that includes the IP.
--Graham Frank
-Original Message-
From: Sergey Tsalkov [mailto:[EMAIL PROTECTED]
Sent: Sunday, May 28, 2006 12:50 PM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] need help fighting DoS
, and that includes the IP.
--Graham Frank
-Original Message-
From: Sergey Tsalkov [mailto:[EMAIL PROTECTED]
Sent: Sunday, May 28, 2006 12:50 PM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] need help fighting DoS attack on Apache
Hey guys.. My Apache was hit with a DoS attack, where
On 5/28/06, Sergey Tsalkov [EMAIL PROTECTED] wrote:
This is very wrong. I can't figure out why Apache doesn't have any
defense against such an obvious attack -- even the connection limiting
modules can't help because they have no way of knowing that all the
requests are coming from the same IP.
On Sunday 28 May 2006 19:23, Sergey Tsalkov wrote:
This is very wrong. I can't figure out why Apache doesn't have any
defense against such an obvious attack -- even the connection limiting
modules can't help because they have no way of knowing that all the
requests are coming from the same
I'm using Apache 1.3.36. mod_choke is supposed to be able to limit the
number of connections per IP, but fails to do so for the reason
discussed earlier in this thread. mod_evasive, and anti-DoS tool, also
failed to stop the attack.
Nick, you mentioned that Apache 2.2 has built-in
On Sunday 28 May 2006 21:23, Sergey Tsalkov wrote:
I'm using Apache 1.3.36.
*sigh*. Of course a server that's been obnsolete for more than
four years isn't up to date. Any 1.x server leaves you with every
connection tying up an entire process.
mod_choke
Never heard of it.
Nick, you
On 5/28/06, Sergey Tsalkov [EMAIL PROTECTED] wrote:
Anyone have any suggestions?
What you've described doesn't really look like a dangerous DOS-attack.
If clients just open connections and stay idle, there's a lot of good
workarounds:
1) lower timeout, and raise number of listening servers
2)
10 matches
Mail list logo
