The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


Apache DoS attack?


<< Previous INDEX Search src Set bookmark Go to bookmark Next >> 
X-RDate: Wed, 31 Dec 1997 09:58:01 +0500 (ESK)
Date: Tue, 30 Dec 1997 11:59:55 GMT
From: Mark Lowes <markl@ftech.net>
To: BUGTRAQ@NETSPACE.ORG
Subject: Re: Apache DoS attack?

----=_34a8e23b943997180eb3fac9.MFSBCHJLHS
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

On Tue, 30 Dec 1997 11:07:04 +0100, you wrote:

>[execuse me if it has been discovered before]

First I've heard.

>Here's a simple exploit for Apache httpd version 1.2.x (tested on 1.2.4).
>When launched, causes incerases of victim's load average and extreme
>slowdowns of disk operations. On my i586 Linux annoying slowdown has been
>experienced immediately (after maybe 5 seconds). After about 4 minutes
>work has been turned into real hell (286?).

Ok here's an initial patch, I'm sure someone will come up with something
better and more effcient but it works. :)

        Mark

--
+--------------------------------------------------------------------+
| Frontier Internet Services Ltd - Disclaimer;                       |
|                                                                    |
| All statements made and agreements come to by means of email are   |
| at all times subject to Frontier's Terms and Conditions of service |
| and product descriptions / sales literature. Representations made  |
| above and beyond those contained there in are not to be relied     |
| upon and are at no time contractually binding.                     |
+--------------------------------------------------------------------+

----=_34a8e23b943997180eb3fac9.MFSBCHJLHS
Content-Type: application/octet-stream; name=beck.patch
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=beck.patch

LS0tIC91c3Ivc3JjL2FwYWNoZV8xLjIuNC9zcmMvaHR0cF9wcm90b2NvbC5jCUZyaSBBdWcgMTUg
MTc6MDg6NTEgMTk5NworKysgL3Vzci9zcmMvYXBhY2hlXzEuMi40LnBhdGNoL3NyYy9odHRwX3By
b3RvY29sLmMJVHVlIERlYyAzMCAxMTo1NDozNyAxOTk3CkBAIC01MTAsNiArNTEwLDExIEBACiAg
ICAgaW50IGxvb3A7CiAjZW5kaWYKIAorLyogLS0gbmVlZGVkIGZvciBGcm9udGllciBwYXRjaCAt
LSAqLworICAgIGludCBGdGVjaF9sb29wOworICAgIGludCBGdGVjaF9jb3VudDsKKy8qIC0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0gKi8KKwogLyogQSBwcm94eSByZXF1ZXN0IGNvbnRh
aW5zIGEgJzonIGVhcmx5IG9uLCBidXQgbm90IGFzIGZpcnN0IGNoYXJhY3RlciAqLwogICAgIGZv
ciAocz11cmk7IHMgIT0gJ1wwJzsgcysrKQogCWlmICghaXNhbG51bSgqcykgJiYgKnMgIT0gJysn
ICYmICpzICE9ICctJyAmJiAqcyAhPSAnLicpIGJyZWFrOwpAQCAtNTQxLDYgKzU0NiwzMCBAQAog
ICAgIC8qIEZpeCBPUy8yIEhQRlMgZmlsZW5hbWUgY2FzZSBwcm9ibGVtLiAqLwogICAgIHItPnVy
aSA9IHN0cmx3cihyLT51cmkpOwogI2VuZGlmCisKKy8qCisgKiBGcm9udGllciBwYXRjaCB0byBm
aXggYnVndHJhcSByZXBvcnRlZCBleHBsb2l0CisgKi8KKworICAgRnRlY2hfY291bnQ9MDsKKyAg
IGZvciAoRnRlY2hfbG9vcCA9IDA7IEZ0ZWNoX2xvb3AgPD0gc3RybGVuKHItPnVyaSk7ICsrRnRl
Y2hfbG9vcCkgeworICAgICAgIGlmIChyLT51cmlbRnRlY2hfbG9vcF0gPT0gJy8nKQorCSAgCXsg
CisJCUZ0ZWNoX2NvdW50Kys7IAorCQl9CisJZWxzZQorCSAgeworCSAgRnRlY2hfY291bnQ9MDsK
KwkgIH0KKwlpZiggRnRlY2hfY291bnQgPj0gNiApCisJICB7IAorCSAgci0+dXJpWzBdPScvJzsK
KwkgIHItPnVyaVsxXT0nXDAnOworCSAgYnJlYWs7CisJICB9CisgICB9OworCisvKiAtLS0gZW5k
IHBhdGNoIC0tLSAqLwogCiAJaWYgKCp1cmkpIHItPmFyZ3M9IHBzdHJkdXAoci0+cG9vbCwgdXJp
KTsKIAllbHNlIHItPmFyZ3MgPSBOVUxMOwo=

----=_34a8e23b943997180eb3fac9.MFSBCHJLHS--

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру