httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "George Gallen" <ggal...@slackinc.com>
Subject RE: [users@httpd] URL - 33000 Characters Length
Date Mon, 29 Mar 2004 15:52:04 GMT
I've been getting these lately as well.

Other than eating up log space, seems so far my
server isn't overflowing, but rather logging it as 
a URL too long error. Good I guess.

I would think, even if you set the maximum URL length
you will still get the same amount of space eaten up
in the logs.

If you start getting a lot, maybe setup an hourly cron
job to go through and remove anything out of the log
files that have lines greater than 1000 bytes, or 
some particular string, this way it won't send your
system into a partition full situation.

George

>-----Original Message-----
>From: Jack L. Stone [mailto:jackstone@sage-one.net]
>Sent: Monday, March 29, 2004 10:25 AM
>To: users@httpd.apache.org
>Subject: [users@httpd] URL - 33000 Characters Length
>
>
>Dear list:
>The other day, I asked for help on this issue which I believed 
>was on-topic
>for this list. Since I did not get an answer, I tried the 
>fbsd-questions
>list and got one answer that seems close to a solution.
>
>The problem: One server is being hit with a continuous 33,000 character
>URLs which look like this:
>/\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x
>02\xb1\....
>on & on...
>
>...then followed by another, and another.
>
>One suggestion on the other list thought the following:
>[...]Someone's trying a buffer overflow trick on you. The way this
>technique would work is that the sender would attempt to send 
>a request too
>big for your system to handle, once it reaches the "too big" mark,
>additional garbage would be sent to overwrite further, then 
>finally a hex
>request would be written to spawn a shell. I'm not too sure 
>how to stop it
>other than not placing a limit on how big of a url someone 
>could send, or
>automatically truncating anything over x amount of size.[...]
>
>My new question on this list:
>Can someone suggest the proper syntax for a directive to set a 
>URL length
>maximum?
>
>Best regards,
>Jack L. Stone,
>Administrator
>
>SageOne Net
>http://www.sage-one.net
>jackstone@sage-one.net
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP 
>Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>

Mime
View raw message