Hi Zookeeper expert, we encountered a slow attack problem, described as follows, please help to analyze and confirm, thank you very much.
Problem: In the client using some method (such as telnet) to establish a tcp connection with server-side zookeeper listening port , but after the establishment of tcp connection, the client does not send any data. However, apache will not disconnect this tcp connection, may lead to the number of connections exhausted , Resulting in DOS The attack process: 1. The client executes the telnet service port [cid:[email protected]] Start the client telnet server port 21816,53236,50548, do not exit for a long time: Excuting an order: telnet 3.101.3.119 21816 telnet 3.101.3.118 53236 telnet 3.101.3.124 50548
