On Nov 23, 2007 4:48 AM, Sam Testuser <[EMAIL PROTECTED]> wrote: > This attack has many special traits. One of the more annoying ones is > sudden and total death.
I'm not sure how that is a "special trait" of this attack. My point is quite simple: this particular attack (and most other similar ones) are blocked by simple firewall rules limiting concurrent connections per IP or network. Except in the case of DDoS or other very-well-resourced attackers. And in those cases I don't see any point in worrying about this attack since there are so many other more-effective and harder-to-detect attacks. If you want to get back to apache httpd, then this attack is a pretty-much unavoidable consequence of the one-connection-per-thread/process model that httpd shares with many other network servers. An event-based model deals much better with this kind of thing. But I don't see the point in moving to an event-based model simply to avoid this attack, for the reasons I mention above. (There are other good reasons to move in this direction, however.) Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
