zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Hunt <ph...@apache.org>
Subject Re: Hi Zookeeper expert, we encountered a slow attack problem, described as follows, please help to analyze and confirm, thank you very much.
Date Mon, 27 Nov 2017 20:10:21 GMT
Hi zhanggang, thank you for the report. Unfortunately the attachment did
not come through (probably stripped by the ML daemon).

Iiuc this does sound like a problem that would be good to address. We have
code in place to limit the number of concurrent sessions that a particular
IP can hold open at any one time - specifically to address the type of
issue you describe. However I believe it only addresses session count, not
tcp connections. This would be a good one to fix - please create a jira and
if possible submit a patch.

Thanks!

Patrick

On Tue, Nov 21, 2017 at 7:09 AM, zhanggang <zhanggang6@huawei.com> wrote:

>
>
> Hi Zookeeper expert, we encountered a slow attack problem, described as
> follows, please help to analyze and confirm, thank you very much.
>
>
>
> *Problem:*
>
> In the client using some method (such as telnet) to establish a tcp
> connection with server-side zookeeper listening port , but after the
> establishment of tcp connection, the client does not send any data.
> However, apache will not disconnect this tcp connection, may lead to the
> number of connections exhausted , Resulting in DOS
>
>
>
> *The attack process**:*
>
> 1. The client executes the telnet service port
>
> Start the client telnet server port 21816,53236,50548, do not exit for a
> long time:
>
> Excuting an order:
>
> telnet 3.101.3.119 21816
>
> telnet 3.101.3.118 53236
>
> telnet 3.101.3.124 50548
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message