httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reindl Harald <h.rei...@thelounge.net>
Subject Re: URL scanning by bots
Date Tue, 30 Apr 2013 19:01:14 GMT


Am 30.04.2013 20:38, schrieb Ben Laurie:
> On 30 April 2013 11:14, Reindl Harald <h.reindl@thelounge.net> wrote:
>> no - this idea is very very bad and if you ever saw a
>> DDOS-attack from 10 thousands of ip-addresses on a
>> machine you maintain you would not consider anything
>> which makes responses slower because it is the wrong
>> direction
> 
> There's no reason to make this a DoS vector - clearly you can queue
> all the delayed responses in a single process and not tie up available
> processes. And if that process gets full, you just drop them on the
> floor

PLEASE inform you how a server works

* you have at least a lot of open connections
* you will overload port and/or file-hanlde ressources
* delay respones is purely idiotic
* on any server with load you will ALWAYS get rid of connections
  as fast as possible in ANY situation and context

PLEASE come back until you understood why delay responses is
simply idiotic, even for regular sites if they have noticeable
load and a lot of 404 because a relaunch or whatever bug



> In general, I hate the argument that improvement X has obvious
> workaround A and therefore we should not bother with it. It's
> absolutely impossible to make forward progress in security with that
> attitude

and with your attitude propose things while not understand
any basics it would be a imporvment of what possible?




Mime
View raw message