Date: Mon, 29 Jul 2002 17:59:16 -0600 From: "Duncan Patton a Campbell is Dhu" <campbell@neotext.ca> To: Colin Faber <cfaber@fpsn.net>, Cyrus <cyrus@odsource.com> Cc: security@FreeBSD.ORG Subject: Re: counter apache DoS attacks? Message-ID: <20020729235916.M5438@babayaga.neotext.ca> In-Reply-To: <3D4584DA.190EEB9C@fpsn.net> References: <20020729050402.Q47608-100000@odsource.com> <3D4584DA.190EEB9C@fpsn.net>
next in thread | previous in thread | raw e-mail | index | archive | help
For this to work depends on some things. Is it always the same boxes doing the requests? Same set of boxes? Also, if memory is the problem, not band, there is some kind of apache setting that causes the daemons to suicide and respawn after a <parameter> number of connections which frees up any memory leaked by the process. It may be you have apache set up to not do this (which is possible to do). Duncan Patton a Campbell is Duibh ;-) ---------- Original Message ----------- From: Colin Faber <cfaber@fpsn.net> To: Cyrus <cyrus@odsource.com> Sent: Mon, 29 Jul 2002 12:09:30 -0600 Subject: Re: counter apache DoS attacks? > ipfw add deny tcp from <ip/mask> to any 80 > > ;-) > > Cyrus wrote: > > > > Several people get their jollies off by having differnet servers > > infinitely request my main page thousands of times each therefore shooting > > my memory to poo and a lot of bandwidth. But my problem is the memory, not > > the bandwidth. I've looked through mod_throttle and such, not for me. Is > > there anything out there that can automatically detect and take an action > > for this type of attack? I dunno...like use route on the offenders IP and > > such. But for it to do this automatically. Anyone have any suggestions? > > Thanks in advance. > > > > -Cyrus > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > -- > Colin Faber > (303) 736-5160 > fpsn.net, Inc. > > * Black holes are where God divided by zero. * > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the > message ------- End of Original Message ------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020729235916.M5438>