On 4/3/2010, lots of people chimed in saying things.
Around 00:03 [-7GMT], Morgan Gangwere chimed in to say:
I'd suggest either turning on SYN cookies, getting mpm_worker running,
or not really worrying about it. mpm_worker so far for me has been able
to avoid the Slowloris attack on a 50 MHz ARM9 running an older Apache2
(Apache/2.2.3 (Debian) PHP/5.2.0-8+etch5~pu1 Server at 192.168.0.50 Port 80).
To give you a hint, I ran a simple Slowloris against that machine:
http://indrora.kicks-ass.org/masq/sysinfo/nutrition_facts.php
Those numbers *are* real FWI.
The real question is, should you really worry? It seems to me as though
your worries are low.
On a note, someone posted about Slowloris and Apache:
http://bahumbug.wordpress.com/2009/06/21/slowloris/
It talks about mod_evasive -- which, with a little digging, comes up with
http://www.zdziarski.com/blog/?page_id=442
the author's page.
The folks over at O'Reilly SysAdmin have something good to say about it
(at least to some extent):
http://www.oreillynet.com/sysadmin/blog/2007/10/the_case_for_mod_evasive.html
eth0 has something about it as well:
http://www.eth0.us/mod_evasive
To be frank, if you're worrying about this, you're asking big what-if
questions, and that's like asking when the heat-death of the universe is
going to cause the nearest convenience store to become a little less
convenient to go to. If your stuff is under attack and your servers just
Can't Handle The Load (tm) then you've got bigger problems, like
wondering if you should just halt, pause and reboot. [FWI, that's what
the Air Force in the USA does when major feces hits the blower at
Cybercommand]
--
Morgan Gangwere
>> Why?
> Because it breaks the logical flow of conversation, plus makes messages unreadable.
>>> Top-Posting is evil.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.