httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: mod_auth-any/1672: Authentication / .htaccess DoS attack (fwd)
Date Thu, 15 Jan 1998 10:54:46 GMT
Dirk-Willem van Gulik wrote:
> 
> On Wed, 14 Jan 1998, Marc Slemko wrote:
> 
> > > We'll never be able to protect against DoS attacks, esp if a
> > > nasty user wants to fool around... After all, they could upload
> > > a HUGE graphic, then log in with a 9600baud modem, load the image,
> > > and as that comes through, create a new browser-window, load it
> > > again, etc.. until MaxClients.
>  
> But there is already a lot of time-out type of protection in the various
> not so blocking read/writes. That is different from the /dev/zero type of 
> go-away problems; which might mean an overall resource/time/cycles limit.
> 

cron, lynx, shell.

Think about it :)

-- 
====================================================================
      Jim Jagielski            |       jaguNET Access Services
     jim@jaguNET.com           |       http://www.jaguNET.com/
            "Look at me! I'm wearing a cardboard belt!"

Mime
View raw message