httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From TOKI...@aol.com
Subject Re: cvs commit: httpd-2.0/server protocol.c
Date Tue, 26 Oct 2004 13:08:55 GMT

>> You MUST have SOMETHING that knows the difference
>> or you don't have DOS protection.
>> 
>> Also... if you wait all the way until you have a 'log' entry for
>> a DOS in progress then you haven't achieved the goal
>> of sensing them 'at the front door'.
>
>  I don't set myself that goal. I agree that it's the best place
>  to detect a DoS but it's often not possible for various reasons.
>  With that option not available I prefer to be able to detect
>  DoS attacks anywhere I can.

Roger that.

>> What I was suggesting is some kind of 'connection' based
>> filter that has all the well-known DOS attack scheme
>> algorithms in place and can 'sense' when they are happening
>> before the Server gets overloaded.
>
>  That does not need to be in web server at all. It can
>  work from within the kernel, or be a part of a network
>  gateway.

Double Roger That

Yours...
Kevin Kiley


Mime
View raw message