On 5/28/06, Sergey Tsalkov <flightsimguy@xxxxxxxxx> wrote:
Anyone have any suggestions?
What you've described doesn't really look like a dangerous DOS-attack. If clients just open connections and stay idle, there's a lot of good workarounds: 1) lower timeout, and raise number of listening servers 2) hack server code a bit and use TCP_DEFER_ACCEPT option if you're on Linux, or http ready data filter if it's FreeBSD 3) put an Apache 2.0 with threaded MPM & mod_proxy with minimal set of modules in front of your Apache 1.3 server - it will be able to serve thousands of idle connections without wasting too much resources. -- Alexey Polyakov --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|