httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <jos...@slive.ca>
Subject Re: [users@httpd] How to prevent from simple DoS?
Date Fri, 23 Nov 2007 14:07:00 GMT
On Nov 23, 2007 4:48 AM, Sam Testuser <toximoron_x2@yahoo.co.uk> wrote:

> This attack has many special traits. One of the more annoying ones is
> sudden and total death.

I'm not sure how that is a "special trait" of this attack. My point is
quite simple: this particular attack (and most other similar ones) are
blocked by simple firewall rules limiting concurrent connections per
IP or network. Except in the case of DDoS or other very-well-resourced
attackers. And in those cases I don't see any point in worrying about
this attack since there are so many other more-effective and
harder-to-detect attacks.

If you want to get back to apache httpd, then this attack is a
pretty-much unavoidable consequence of the
one-connection-per-thread/process model that httpd shares with many
other network servers. An event-based model deals much better with
this kind of thing. But I don't see the point in moving to an
event-based model simply to avoid this attack, for the reasons I
mention above. (There are other good reasons to move in this
direction, however.)

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message