On Sun, Nov 18, 2007 at 11:02:21AM -0500, Greg Boyington wrote: > I like the firewall approach myself, as it seems likely that anyone > with malicious intent (as distinct from the uninformed download > accelerator user, etc) should forfeit their rights to your bandwidth > regardless of protocol. But for a purely apache solution, have a look > at mod_access ( http://httpd.apache.org/docs/2.0/mod/mod_access.html > ). Hey Greg, could you elaborate on this? How would you prevent this attack with mod_access? > > > As I understand the issue it's a very simple DoS as it neither does > > > require a lot of cpu nor bandwidth on the client side. Is there a proper name for this kind of attack. I am not sure the original question was referring to a real attack. But if it is one, what would be the correct name for this type? I have been referring to it as "Request Delaying". But there might be a better name, that is more widespread. See http://permalink.gmane.org/gmane.comp.apache.mod-security.user/1923 form some thoughts. regs, Christian --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|