Return-Path: <new-httpd-owner-new-httpd-archive=hyperreal.org@apache.org>
Delivered-To: new-httpd-archive@hyperreal.org
Received: (qmail 24404 invoked by uid 6000); 7 Aug 1998 23:58:55 -0000
Received: (qmail 24396 invoked from network); 7 Aug 1998 23:58:54 -0000
Received: from redfish.go2net.com (207.178.55.5)
  by taz.hyperreal.org with SMTP; 7 Aug 1998 23:58:54 -0000
Received: from marcs by redfish.go2net.com with smtp (Exim 1.82 #2)
	id 0z4wOL-00030F-00; Fri, 7 Aug 1998 16:57:49 -0700
Date: Fri, 7 Aug 1998 16:57:49 -0700 (PDT)
From: Marc Slemko <marcs@znep.com>
X-Sender: marcs@redfish
To: new-httpd@apache.org
Subject: Re: YA Apache DoS attack
In-Reply-To: <Pine.LNX.3.96dg4.980807165739.2848Y-100000@twinlark.arctic.or
 g>
Message-ID: <Pine.GSO.4.00.9808071656510.188-100000@redfish>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: new-httpd-owner@apache.org
Precedence: bulk
Reply-To: new-httpd@apache.org

I'm just thinking that limited pools may be useful in a more general
sense in other areas.

16k would, for example, be way too low.  Setting a good limit is hard, but
I guess it can be configurable.

On Fri, 7 Aug 1998, Dean Gaudet wrote:

> On Fri, 7 Aug 1998, Marc Slemko wrote:
> 
> > How hard would it be to make a new pool for stuff like this and add the
> > ability to limit the size of a pool?  Would that be useful?  Could we pick
> > a limit that isn't braindead and isn't too big?  etc.
> 
> If you're going to limit the size of the pool then you may as well just
> read a limited amount from the client, and consider anything longer than
> that to be broken.
> 
> i.e. if \r\n\r\n doesn't appear in the first 16k, then tough. 
> 
> Dean
> 
> 
>