Mailing List Archive: Apache: Bugs

[Bug 47386] Remote Apache TCP stack DOS

Index | Next | Previous | View Threaded

bugzilla at apache

Jun 17, 2009, 11:00 PM

Post #1 of 3 (362 views)
Permalink

[Bug 47386] Remote Apache TCP stack DOS

https://issues.apache.org/bugzilla/show_bug.cgi?id=47386

Ruediger Pluem <rpluem [at] apache> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID

--- Comment #1 from Ruediger Pluem <rpluem [at] apache> 2009-06-17 23:00:14 PST ---
First: If you really want to report a security issue NEVER do it here in the
public, but sent a mail to security [at] httpd to handle this matter in a
confidential way.
Second: We are aware of this and it is an old hat and expected. Please have a
look here: https://issues.apache.org/bugzilla/show_bug.cgi?id=47386

--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe [at] httpd
For additional commands, e-mail: bugs-help [at] httpd

bugzilla at apache

Jun 18, 2009, 7:10 AM

Post #2 of 3 (323 views)
Permalink

[Bug 47386] Remote Apache TCP stack DOS [In reply to]

https://issues.apache.org/bugzilla/show_bug.cgi?id=47386

--- Comment #2 from Will Rowe <wrowe [at] apache> 2009-06-18 07:10:48 PST ---
Don't follow Rudiger's link, it's cyclic.

Every network application is affected by such attacks, this is a protocol
level issue. It occurs at the network layer, not the application layer,
as demonstrated by the fact that AcceptFilter in httpd has no impact on
the attack.

The solution, like the problem, lies in the network layer. See iptables
and similar network stack filters to provide protection against this vector.

--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe [at] httpd
For additional commands, e-mail: bugs-help [at] httpd

bugzilla at apache

Jun 18, 2009, 7:59 AM

Post #3 of 3 (319 views)
Permalink

[Bug 47386] Remote Apache TCP stack DOS [In reply to]

https://issues.apache.org/bugzilla/show_bug.cgi?id=47386

--- Comment #3 from Ruediger Pluem <rpluem [at] apache> 2009-06-18 07:59:23 PST ---
(In reply to comment #1)
> First: If you really want to report a security issue NEVER do it here in the
> public, but sent a mail to security [at] httpd to handle this matter in a
> confidential way.
> Second: We are aware of this and it is an old hat and expected. Please have a
> look here: https://issues.apache.org/bugzilla/show_bug.cgi?id=47386

Ahrggg. My bad. Copy and paste error. Thanks for pointing it out Bill.
This is the correct link:
http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos

--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe [at] httpd
For additional commands, e-mail: bugs-help [at] httpd

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads