Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Full Disclosure: Re: DoS in Apache 2.0.52 ?

Re: DoS in Apache 2.0.52 ?

From: Michal Zalewski <lcamtuf_at_ghettot.org>
Date: Mon, 1 Nov 2004 16:38:42 +0100 (CET)

On Mon, 1 Nov 2004, Chintan Trivedi wrote:

> GET / HTTP/1.0\n
> [space] x 8000\n
> [space] x 8000\n
> [space] x 8000\n
> .
> .
> 8000 times

> I created 25 threads (connections) and send the above request to one
> webserver.

This is circa 1.5 GB of data (61 MB per connection), at which point you
probably either caused an (improperly configured) server to kill random
processes on OOM, or swapped it to death.

This seems to be a valid DoS, and Apache most certainly should refuse such
an attack (historically, they had several other header parsing flaws).
This attack is probably not particularly efficient, compared to, say, a
good old connection flood, should you have 1.6 GB of bandwidth to spare.

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Nov 01 2004

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]