Mailing-List: contact modperl-help@perl.apache.org; run by ezmlm
Precedence: bulk
Date: Tue, 13 May 2003 11:12:43 -0600
From: "dreamwvr@dreamwvr.com" <dreamwvr@dreamwvr.com>
To: modperl@perl.apache.org
Subject: Re: Strategy against 'trivial' DOS attacks?
Message-ID: <20030513171243.GA15957@rainmaker.dreamwvr.com>
References: <B0092426096@MAIL.nucleus.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <B0092426096@MAIL.nucleus.com>
User-Agent: Mutt/1.4i

On Tue, May 13, 2003 at 03:05:58PM +0000, mod_perl@att.net wrote:
> Alex:
> 
> mod_throttle312 works pretty well in our cases -- mayeb I am just lucky. (The box
> are typically redhat 7 with 512M. The throttle is made on number of HTML files
> served per 10 seconds per IP.) Here is a good mod_perl throttle module:
> http://www.stonehenge.com/merlyn/LinuxMag/col17.html
> 
> Peter
> > On Mon, May 12, 2003 at 11:49:39AM -0600, dreamwvr@dreamwvr.com wrote:
> > > http://www.snert.com/Software/mod_throttle/
> >  
> > Oh NO!!! This module is an effective DoS attack by itself! It is a bunch of
> > code totally unworking under any significant load!
> >  
> > Author has dropped any work on it years ago. Experiment with it nearly cost
> > me my job. Don't try it without total rewriting.
> >  
> > And it doesn't solve the problem. HTTP filters in FreeBSD kernel can.
Yes. As well someone I know uses it in a very large env w/o any troubles
so @ the very least it is better than nothing there at all. YMMV

Best Regards,
dreamwvr@dreamwvr.com

-- 
/*  Security is a work in progress - dreamwvr                 */
#                               48 69 65 72 6F 70 68 61 6E 74 32
# Note: To begin Journey type man afterboot,man help,man hier[.]      
# 66 6F 72 20 48 69 72 65                              0000 0001
// "Who's Afraid of Schrodinger's Cat?" /var/(.)?mail/me \?  ;-]