Return-Path: Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 38186 invoked by uid 500); 31 Mar 2002 02:19:17 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 38175 invoked from network); 31 Mar 2002 02:19:17 -0000 Received: from unknown (HELO dolphin.voxtreme.com) (66.78.13.2) by daedalus.apache.org with SMTP; 31 Mar 2002 02:19:17 -0000 Received: from h24-77-147-236.ok.shawcable.net ([24.77.147.236] helo=legolas) by dolphin.voxtreme.com with smtp (Exim 3.34 #1) id 16rUwH-0003eU-00 for users@httpd.apache.org; Sun, 31 Mar 2002 03:19:25 +0100 Message-ID: <000a01c1d85a$8fee4d20$ec934d18@legolas> From: "Duncan" To: Subject: fork bombs ... how to prevent malicious attacks? Date: Sun, 31 Mar 2002 04:20:00 +0200 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0007_01C1D86B.52D38A20" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - dolphin.voxtreme.com X-AntiAbuse: Original Domain - httpd.apache.org X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [0 0] X-AntiAbuse: Sender Address Domain - ring-wraith.com X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N ------=_NextPart_000_0007_01C1D86B.52D38A20 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi, i recently encountered a fork-bomb on my server. I havent had any experience with this kind of stuff before, so it took = me quite a while to figuere out whats going on and how to remove it. So, i would like to know, if there is any way, i can set apache or = configure my server, so that such fork-bombs wont crash my server again? Is there any kind of real-time protection, or is the only way to check = the cgi-files for such content? Sorry, i am really new to this and would like to learn more, so that = such a thing won't happen again. ...i will never understand those guys, that do such stuff... regards, Duncan ------=_NextPart_000_0007_01C1D86B.52D38A20 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Hi,
 
i recently encountered a fork-bomb on = my=20 server.
I havent had any experience with this = kind of stuff=20 before, so it took me quite a while to figuere out whats going on = and how=20 to remove it.
So, i would like to know, if there is = any way, i=20 can set apache or configure my server, so that such fork-bombs wont = crash my=20 server again?
 
Is there any kind of real-time = protection, or is=20 the only way to check the cgi-files for such content?
 
Sorry, i am really new to this and = would like to=20 learn more, so that such a thing won't happen again.
...i will never understand those guys, = that do such=20 stuff...
 
regards,
 
Duncan
 
 
------=_NextPart_000_0007_01C1D86B.52D38A20--