Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: how to detect DDoS attack through HTTP response analysis(throuput)

From: 김무성 <kimms () infosec co kr>
Date: Thu, 30 Jun 2011 09:39:41 +0900
You don't understand my question.

I'm studying and researching about solution of DDoS detection through
analysis of HTTP responses.

For example,
If only one response is detected several times, this is abnormal.

-----Original Message-----
From: coderman [mailto:coderman () gmail com] 
Sent: Wednesday, June 29, 2011 12:30 PM
To: 김무성
Cc: full-disclosure () lists grok org uk; pen-test () securityfocus com
Subject: Re: [Full-disclosure] how to detect DDoS attack through HTTP
response analysis(throuput)

2011/6/26 김무성 <kimms () infosec co kr>:

...
I'm looking for meterials or information, research about that how to

detect

DDoS attack through HTTP response analysis(throuput).


you're asking the wrong question.

instead of asking "How can I automagically detect exploitation of my
shitty app via HTTP Resp. codes"

ask: "Why is my webapp so shitty that any number of arbitrary requests
lead to resource exhaustion?"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: