Eric Rescorla <[EMAIL PROTECTED]> writes:
> Now consider what happens if you're running 512 virtual servers (IPs)
> with 256 child processes. If Slapper contacts all of them, it will
> freeze all your children and you're frozen until the timeouts
> happen. Joe, do you have more virtual servers than children?
Just to be clear, what I'm trying to figure out is why some people are
having this problem with OpenSSL and some aren't.
I've long suspected that you could connect to Apache and consume all
the processes until a timeout. It's very hard to defend against this
attack since it's hard to distinguish attackers from slow clients. I
just didn't understand why Slapper was doing it since it only tries to
probe your machine once AFAIK. But if you have a lot of IPs....
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
http://www.rtfm.com/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
