On Mon, Jun 22, 2009 at 08:31:01PM +1200, Richard Toohey wrote:
> On 20/06/2009, at 8:24 AM, Peter van Oord van der Vlies wrote:
>
>> Hi,
>>
>> Today some pages are publishing news about an Apache DoS tool, for
>> example (http://isc.sans.org/diary.html?storyid=6601) and
>> http://ha.ckers.org/blog/20090617/slowloris-http-dos/
>>
>> Does this apply to the OpenBSD Apache too?
>>
>> Peter
>
>
> Looks like it is old ...
>
> http://marc.info/?l=apache-httpd-bugs&m=124533720717343&w=2
>
> And advice here ...
>
> http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos
>
> (Yes, I appreciate that it doesn't directly answer your question,
> but might help someone ...)

Nope, this does not help at all. Reducing the Timeout helps for a second.
But reducing the timeout in slowloris.pl too makes the Apache unreachable
within seconds again. Haven't tested OpenBSD's Apache-1.3 so far.

But the only thing that helps currently, IMHO, is to limit the number of
established connections per IP. So, one client is not able to block all
the available Apache processes (threads) anymore.

So long,
Aiko

--
:wq b
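
Added example, not part of the original thread: a check for the condition the reply describes, a single source address holding a large share of the server's established connections. It parses BSD-style `netstat -an` output; the sample rows, the addresses, the per-IP limit of 10 and the worker pool size of 150 are constructed assumptions, not values from the posts.

```python
from collections import Counter

def _row(local, remote, state):
    # Helper that builds one constructed netstat row (BSD "address.port" form).
    return f"tcp          0      0  {local:<22} {remote:<22} {state}"

# Constructed sample input; addresses come from documentation ranges.
SAMPLE_NETSTAT = "\n".join(
    ["Active Internet connections (including servers)",
     "Proto   Recv-Q Send-Q  Local Address          Foreign Address        (state)",
     _row("*.80", "*.*", "LISTEN")]
    + [_row("192.0.2.10.80", f"198.51.100.7.{40000 + i}", "ESTABLISHED")
       for i in range(12)]
    + [_row("192.0.2.10.80", "198.51.100.7.39999", "TIME_WAIT"),
       _row("192.0.2.10.80", "203.0.113.5.51000", "ESTABLISHED"),
       _row("192.0.2.10.80", "203.0.113.5.51001", "ESTABLISHED"),
       _row("192.0.2.10.22", "203.0.113.5.51002", "ESTABLISHED")]
)

def split_endpoint(endpoint):
    """BSD netstat prints 'address.port'; split on the last dot."""
    host, _, port = endpoint.rpartition(".")
    return host, port

def established_per_ip(netstat_text, port="80"):
    """Count ESTABLISHED TCP connections to the local port, per remote address."""
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 6 or not fields[0].startswith("tcp"):
            continue  # banner, column header, or a non-TCP row
        local, remote, state = fields[3], fields[4], fields[5]
        if state == "ESTABLISHED" and split_endpoint(local)[1] == port:
            counts[split_endpoint(remote)[0]] += 1
    return counts

def over_limit(counts, per_ip_limit, max_clients):
    """Return (ip, connections, share of worker pool) for sources above the limit."""
    return [(ip, n, n / max_clients)
            for ip, n in counts.most_common() if n > per_ip_limit]

if __name__ == "__main__":
    # per_ip_limit and max_clients are assumed values for illustration.
    for ip, n, share in over_limit(established_per_ip(SAMPLE_NETSTAT), 10, 150):
        print(f"{ip}: {n} established connections ({share:.0%} of worker pool)")
```

On a live host the input would be the output of `netstat -an` and `max_clients` the server's configured worker limit.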