On Tuesday 02 March 2010 06:19, Ajith Adapa wrote: > I got a DOS(Denial Of Service) attack scenario on http server in > busybox. At present I am using busybox 1.2 version. > > Following is the transmission steps between Client and Server > > 1. 3 way handshake > 2. GET packet from client and then followed by ACK from server. > 3. RST ACK from Client to Server > > As a result of RST_ACK packet from client the socket connection is > getting terminated abruptly and cur_clients global variable is not > getting decremented. Once cur_clients value reaches the max value of 5 > it stops accepting the new connections. > > Is there any fix for this issue for HTTP server in busybox for new > releases after 1.2 ??
I don't remember all fixes which went into httpd during *fourteen* major releases since then. Try reading through http://busybox.net/news.html or inspecting "git log -p httpd.c" output. > Sorry I havent found any specific fixes for this issues and I wanted > to know if any of them seeing this issue got fixed in new busybox > version ? I propose simply building latest 1.15.x or 1.16.0 and trying it. -- vda _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
