httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ivan Barrera A." <Br...@Ivn.cl>
Subject Re: Checkin for timeout?
Date Thu, 28 Apr 2005 17:55:23 GMT
>> That is true. But the idea beneath this, is detecting the atacckers.
>> Then, issuing the ip to a text file, which will be read by another
>> script that will fed the firewall to block connections.
>> Although it should increase the resources being used, it should be
>> minimal, as they aren't that expensive.
> 
> 
> So run the mod_status data and count connections per IP address.  This
> will be way more reliable than any network-performance criteria, IMHO.
> 

And then, just make the DoS distributed. You can fill the connections
again, without being the same, and taking forever to release a child.

Anyways, we can keep discussing that forever.
(And this is in the most polite way), my question wasn't about the
better way of detecting a DoS... i just want to know where should i put
a timeout cheking code. If it is possible to use a kind of filter, or
just major tweaking of apache source is needed.

I think such a feature should be present in the API, so advanced mod can
be made.


> Joshua.
> 

Mime
View raw message