Re: [users@httpd] need help fighting DoS attack on Apache


 



On 5/28/06, Sergey Tsalkov <flightsimguy@xxxxxxxxx> wrote:

> This is very wrong. I can't figure out why Apache doesn't have any
> defense against such an obvious attack -- even the connection limiting
> modules can't help because they have no way of knowing that all the
> requests are coming from the same IP.

I believe that some third-party modules can deal with this, although
I've never tried them myself.  I would guess that mod_ip_count could
do it, for example.

But the correct way to deal with this, as Grahm already suggested, is
using your OS firewall.  It has the capabilities to handle this type
of problem with much less complication and resources than anything
that could be built into Apache.  Most firewalls can limit the total
connections from any particular IP address, completely eliminating
this simple attack.

See also:
http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos

Joshua.
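
An added illustration of the per-IP connection cap discussed above (not part of the original message and not Apache project code): it counts established connections per source address from constructed `ss`-style output, then prints the matching netfilter `connlimit` rule without applying it. The function names, the sample data and the thresholds are assumptions made for the example.

```shell
#!/bin/sh
# Constructed sample in the column layout of `ss -Htn state established`
# (Recv-Q Send-Q Local:Port Peer:Port). Addresses are documentation ranges.
sample_conns() {
cat <<'EOF'
0 0 192.0.2.10:80 198.51.100.7:51514
0 0 192.0.2.10:80 198.51.100.7:51515
0 0 192.0.2.10:80 198.51.100.7:51516
0 0 192.0.2.10:80 198.51.100.7:51517
0 0 192.0.2.10:80 198.51.100.7:51518
0 0 192.0.2.10:22 198.51.100.7:40022
0 0 192.0.2.10:80 203.0.113.20:33000
0 0 192.0.2.10:80 203.0.113.20:33001
0 0 [2001:db8::1]:80 [2001:db8::5]:40000
EOF
}

# heavy_peers MAX PORT: read connection lines on stdin and print "count ip"
# for every peer holding more than MAX connections to local PORT.
heavy_peers() {
  awk -v max="$1" -v port="$2" '
    {
      laddr = $3; peer = $4
      if (laddr !~ (":" port "$")) next   # ignore other services (e.g. ssh)
      sub(/:[0-9]+$/, "", peer)            # drop source port; IPv6 stays intact
      n[peer]++
    }
    END { for (ip in n) if (n[ip] > max) print n[ip], ip }' | sort -rn
}

# connlimit_rule MAX PORT: print (do not run) the iptables rule that rejects
# new connections from any single address already holding more than MAX.
connlimit_rule() {
  printf 'iptables -A INPUT -p tcp --syn --dport %s -m connlimit --connlimit-above %s -j REJECT --reject-with tcp-reset\n' "$2" "$1"
}

# Measure first, then choose a cap that leaves room for clients behind NAT.
sample_conns | heavy_peers 3 80
connlimit_rule 20 80
```

On a live host the input would come from `ss -Htn state established` instead of `sample_conns`.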

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.


