Login | Register For Free | Help	Search this list this category for: (Advanced)

Mailing List Archive: Apache: Dev mod_noloris: mitigating against slowloris-style attack   Index | Next | Previous | View Flat

nick at webthing Jun 25, 2009, 6:39 AM Views: 1245 Permalink mod_noloris: mitigating against slowloris-style attack I was just thinking about a quick&dirty fix we could offer to admins who are suddenly concerned about DoS attack. The following, backed by dbm or memcache and assuming configurable default and per-host concurrent connection limits, looks like an outline candidate and works as a module: static int noloris_conn(conn_rec *conn) { /* kludge: just limit the number of connections per-ip */ /* increment num-conn-from-host * register pool cleanup to decrement it * limit = per-host-limit || default-limit * if (num-conn > limit) { * drop connection; * return OK; * } return DECLINED; } static void noloris_hooks(apr_pool_t *p) { ap_hook_process_connection(noloris_conn, NULL, NULL, APR_HOOK_FIRST); } Is this worth hacking up, or more trouble than it saves? -- Nick Kew

Subject User Time mod_noloris: mitigating against slowloris-style attack nick at webthing Jun 25, 2009, 6:39 AM     Re: mod_noloris: mitigating against slowloris-style attack covener at gmail Jun 25, 2009, 6:57 AM     Re: mod_noloris: mitigating against slowloris-style attack ruediger.pluem at vodafone Jun 25, 2009, 7:01 AM     Re: mod_noloris: mitigating against slowloris-style attack nick at webthing Jun 25, 2009, 7:19 AM         Re: mod_noloris: mitigating against slowloris-style attack rpluem at apache Jun 25, 2009, 10:43 AM     Re: mod_noloris: mitigating against slowloris-style attack sf at sfritsch Jun 25, 2009, 7:45 AM     Re: mod_noloris: mitigating against slowloris-style attack wrowe at rowe-clan Jun 25, 2009, 8:12 AM         Re: mod_noloris: mitigating against slowloris-style attack nick at webthing Jun 25, 2009, 9:06 AM             Re: mod_noloris: mitigating against slowloris-style attack wrowe at rowe-clan Jun 25, 2009, 9:53 AM         Re: mod_noloris: mitigating against slowloris-style attack jim at jaguNET Jun 29, 2009, 10:05 AM     Re: mod_noloris: mitigating against slowloris-style attack rpluem at apache Jun 25, 2009, 10:38 AM     Re: mod_noloris: mitigating against slowloris-style attack nick at webthing Jun 25, 2009, 12:48 PM         Re: mod_noloris: mitigating against slowloris-style attack fredk2 at gmail Jun 30, 2009, 6:56 PM             Re: mod_noloris: mitigating against slowloris-style attack nick at webthing Jul 1, 2009, 2:12 AM                 Re: mod_noloris: mitigating against slowloris-style attack trawick at gmail Jul 1, 2009, 4:57 AM     Re: mod_noloris: mitigating against slowloris-style attack nick at webthing Jul 1, 2009, 5:04 AM         Re: mod_noloris: mitigating against slowloris-style attack gonzalo.arana at gmail Jul 1, 2009, 5:33 AM         Re: mod_noloris: mitigating against slowloris-style attack nick at webthing Jul 1, 2009, 5:45 AM             Re: mod_noloris: mitigating against slowloris-style attack poirier at pobox Jul 1, 2009, 6:30 AM     Re: mod_noloris: mitigating against slowloris-style attack nick at webthing Jul 1, 2009, 5:49 AM         Re: mod_noloris: mitigating against slowloris-style attack covener at gmail Jul 1, 2009, 6:12 AM         Re: mod_noloris: mitigating against slowloris-style attack gonzalo.arana at gmail Jul 1, 2009, 6:32 AM

Index | Next | Previous | View Flat   Apache     Announce     Users     Dev     Bugs     CVS     Docs

Interested in having your list archived? Contact lists@gossamer-threads.com
 

Web Applications & Managed Hosting Powered by Gossamer Threads Inc.