Nmap Development mailing list archives

Re: insecure.org, nmap.org, seclists.org down.

From: Fyodor <fyodor () insecure org>
Date: Thu, 8 Sep 2011 01:43:30 -0700

On Sun, Sep 04, 2011 at 03:33:01PM -0500, Daniel Miller wrote:

I'm sure someone else is aware, but there hasn't been a message on
this list to acknowledge that the Insecure.org websites are down. Is
this related to Hurricane Irene?


Sorry for the downtime, folks!  I was off the grid at Burning Man when
things went down.  Given that the problem manifested with a huge spike
in CPU load, I have to wonder if it was related to the recent Apache
range header DoS bug (CVE-2011-3192).  I had applied one of the
workarounds recommended in the Apache advisory, and Nmap reports the
server invulnerable, but maybe someone found trickier ways to exploit
it.  So I've now also installed the full Apache patch rather than just
the httpd.conf workaround.

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re:insecure.org, nmap.org, seclists.org down. John Hutchison (Sep 05)
- <Possible follow-ups>
- insecure.org, nmap.org, seclists.org down. Daniel Miller (Sep 05)
  - Re: insecure.org, nmap.org, seclists.org down. Arturo 'Buanzo' Busleiman (Sep 05)
  - Re: insecure.org, nmap.org, seclists.org down. Fyodor (Sep 08)