Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Who's behind limestonenetworks.com AKA DDoS on polipo(8123)

From: Valdis.Kletnieks () vt edu
Date: Sat, 17 Aug 2013 19:50:34 -0400
On Sat, 17 Aug 2013 13:39:16 +0200, Jann Horn said:


And yes, you're right, a DoS attack can be unsuccessful. My point was that
this small amount of traffic shouldn't be called a DDoS because there's no
way that the intention behind this amount of traffic was to take down that
service with pure bandwidth.


How quickly they forget....

Not all DDoS are pure bandwidth based.  Consider SYN flooding, where the
packets sent are relatively small and often not even all that frequent, but can
tie up large amounts of resources on the target machine. This sort of attack
works particularly well against sites that have a big blind spot because they
think that all DDoS attacks are massive bandwidth hosedowns.

How many connections/sec does it take to forkbomb your Apache server into
uselessness?  And if you rate limit your Apache so your system doesn't
forkbomb, how many does it take to prevent legitimate traffice from being
serviced?

Attachment: _bin
Description: 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: