Hi,
I'm using apache 1.27 with recent modssl. I'm not vulnerable to this bug.
But I see from time to time large scans, which have the symptoms of this
worm.
All my FreeBSD childs get used and are waiting in a queue and the server gets
unresponsive for 5-6 mins.
I set correctly limits:
RLimitNPROC 25
RLimitMEM 4000
RLimitCPU 5
But in this case, RLimitNPROC seems not to work :P
I also tried mod_throttle, but it does also not help in this case because
all connections are made at the same time and they timeout 180 seconds later.
[Fri Oct 18 05:51:43 2002] [error] [client 202.131.107.1] client sent HTTP/1.1
request witho
ut hostname (see RFC2616 section 14.23): /
[Fri Oct 18 05:51:43 2002] [error] [client 202.131.107.1] client sent HTTP/1.1
request witho
ut hostname (see RFC2616 section 14.23): /
[Fri Oct 18 05:51:43 2002] [error] [client 202.131.107.1] client sent HTTP/1.1
request witho
ut hostname (see RFC2616 section 14.23): /
Min/MaxSpareServers), spawning 32 children, there are 0 idle, and 502 total children
[Fri Oct 18 05:51:48 2002] [error] server reached MaxClients setting, consider raising
the M
axClients setting
[Fri Oct 18 05:54:26 2002] [info] [client 202.131.107.1] read request line timed
out
[Fri Oct 18 05:54:26 2002] [info] [client 202.131.107.1] read request line timed
out
[Fri Oct 18 05:54:26 2002] [info] [client 202.131.107.1] read request line timed
out
[Fri Oct 18 05:54:26 2002] [info] [client 202.131.107.1] read request line timed
out
[Fri Oct 18 05:54:29 2002] [info] [client 202.131.107.1] read request line timed
out
And so on.
Has someone a quick fix for this or a idea ?
Martin Blapp, <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
--
ImproWare AG, UNIXSP & ISP, Zurlindenstrasse 29, 4133 Pratteln, CH
Phone: +41 061 826 93 00: +41 61 826 93 01
PGP:
PGP Fingerprint: B434 53FC C87C FE7B 0A18 B84C 8686 EF22 D300 551E
--
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message