Re: Apache DoS attack?

Zen (zen@CRIMELAB.NET)
Tue, 30 Dec 1997 06:08:49 -0600

Zalewski <lcamtuf@POLBOX.COM> wrote:
: Here's a simple exploit for Apache httpd version 1.2.x (tested on
: 1.2.4). When launched, causes increases of victim's load average and
: extreme slowdowns of disk operations. On my i586 Linux annoying slowdown
: has been experienced immediately (after maybe 5 seconds). After about 4
: minutes work has been turned into real hell (286?).

I just tested this exploit on Apache httpd versions 1.0.x, 1.1.x, 1.2.x,
and 1.3.x (beta). All of the versions seem to be affected in one way or
another, but the 1.0.x and 1.1.x seem to be less effective, since the
load average goes down right after the attack has stopped, unlike 1.2.x
and 1.3.x, which kept going even after the attack has stopped.

--
Zen <zen@crimelab.net>
Fourth Law of Revision:
        It is usually impractical to worry beforehand about
interferences -- if you have none, someone will make one for you.