Re: POST content Attack?


Sounds like you could benefit from logging incoming request payloads. Consider mod_security to sanitize requests and log them if you can't modify your Perl script to do it. How do you modify the textarea data before doing the INSERT? Do you know what the Perl script has been doing? Have you ensured that your files/permissions have not been modified? I think 11M is far too much for a textarea; consider modifying that value in the parts of your application that are not file uploads, and/or truncating input inside your Perl script.


Sent from my BlackBerry® wireless device
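The two suggestions above (scope the body limit to the parts of the site that are not uploads, and log request bodies) as an added httpd.conf example. This is not configuration from the thread or from Foorum; it assumes the comment handler lives at /comment/post, file uploads at /upload, mod_security 2.x is loaded as security2_module, and the log path shown exists. The 16 KB and 64 KB values are illustrative, not values from the thread.

```apache
# Added example, not from the thread. Assumed paths: /comment/post (textarea
# form) and /upload (file uploads); assumed module: mod_security 2.x.

# Site-wide default: refuse any request body over 64 KB with a 413.
# The poster's single 11 MB value applied this limit everywhere, including
# the comment form.
LimitRequestBody 65536

# Comment form: a textarea never legitimately carries more than a few KB.
<Location /comment/post>
    LimitRequestBody 16384
</Location>

# Only the upload handler keeps the large limit.
<Location /upload>
    LimitRequestBody 11000000
</Location>

# mod_security: buffer and inspect request bodies, cap them, and write an
# audit log (part C is the request body) for requests that were rejected.
<IfModule security2_module>
    SecRuleEngine On
    SecRequestBodyAccess On
    # Hard cap for bodies that include file uploads.
    SecRequestBodyLimit 11000000
    # Cap for bodies with no file part (ordinary form posts).
    SecRequestBodyNoFilesLimit 16384
    SecAuditEngine RelevantOnly
    SecAuditLogRelevantStatus "^(?:4|5)"
    SecAuditLogParts ABCFHZ
    SecAuditLog /var/log/apache2/modsec_audit.log
</IfModule>

# Alternative without mod_security: mod_dumpio copies every request body into
# the error log at LogLevel debug. Very noisy; enable only while investigating.
# <IfModule dumpio_module>
#     DumpIOInput On
# </IfModule>
```

LimitRequestBody only bounds what Apache will read for a request; a body that fits under the limit can still consume far more memory than its size once the script copies or re-encodes it, so the per-field truncation inside the Perl script that the reply suggests is still needed. After reloading, check that an oversized POST to /comment/post gets a 413 and shows up in the audit log before assuming the limit is in effect.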

-----Original Message-----
From: Fayland Lam <fayland@xxxxxxxxx>

Date: Wed, 21 May 2008 09:31:23
To: users@xxxxxxxxxxxxxxxx
Subject: POST content Attack?

hi list.

We are under attack, I think. Our Perl script is taking 2G to process one
request.

8: 18940 1567M  5.9M 1567M 1121M W  0.000s  0.000s  459 1.2.3.4 
www.xxsite.com POST /comment/post HTTP/1.0

that's from vmonitor.

I'm wondering if someone is putting large content in our comment
textarea?
We limited the size in Apache httpd.conf (LimitRequestBody 11000000) but it
doesn't help.
Or is it not related to POST content?
 
any hint is really appreciated.

Thanks.

-- 
Fayland Lam // http://www.fayland.org/ 
Foorum based on Catalyst // http://www.foorumbbs.com/ 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


