You don't understand my question. I'm studying and researching about solution of DDoS detection through analysis of HTTP responses.
For example, If only one response is detected several times, this is abnormal. -----Original Message----- From: coderman [mailto:[email protected]] Sent: Wednesday, June 29, 2011 12:30 PM To: 김무성 Cc: [email protected]; [email protected] Subject: Re: [Full-disclosure] how to detect DDoS attack through HTTP response analysis(throuput) 2011/6/26 김무성 <[email protected]>: > ... > I'm looking for meterials or information, research about that how to detect > DDoS attack through HTTP response analysis(throuput). you're asking the wrong question. instead of asking "How can I automagically detect exploitation of my shitty app via HTTP Resp. codes" ask: "Why is my webapp so shitty that any number of arbitrary requests lead to resource exhaustion?" _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
