Bugtraq mailing list archives
Re: YA Apache DoS attack
From: marcs () ZNEP COM (Marc Slemko)
Date: Sat, 15 Aug 1998 21:10:52 -0700
On Sat, 15 Aug 1998, Scott Burke wrote:
Kovacs Andrei wrote:On Fri, 7 Aug 1998, Dag-Erling Coidan [ISO-8859-1] Smørgrav wrote: Today when I was looking at the Apache 1.3.1 help files i've found a parameter that might stop this: "RLimitMem". I guess this should make Apache use only the amount of memory that you want to. AndyThat will limit the amount of memory consumed by Apache itself, which will save your whole system from being DoS'd, but the server itself will still be able to be DoS'd. That merely compartmentalizes the damage :)
No, this will not do anything against this attack. The RLimit* directives only impact the amount of memory used by other processes (eg. CGIs) that Apache spawns. As I originally posted, if you want to prevent Apache from eating memory simply set the appropriate ulimit before starting Apache. It isn't a denial of service attack if there is no denial of service. If you have the appropriate ulimits, then on many machine a single attack will not deny any service. Then it becomes a game of sending multiple ones at the same time, etc.
Current thread:
- Re: YA Apache DoS attack Ben Laurie (Aug 07)
- Re: YA Apache DoS attack GoatBoy (Aug 07)
- Re: YA Apache DoS attack bugtraq (Aug 09)
- <Possible follow-ups>
- Re: YA Apache DoS attack Dag-Erling Coidan Smørgrav (Aug 08)
- Re: YA Apache DoS attack Scott Burke (Aug 15)
- Re: YA Apache DoS attack Marc Slemko (Aug 15)