[SLL] apache DOS vulnerability and iptables
Rohit Kumar Mehta
rohitm at engr.uconn.edu
Fri Jun 19 08:59:41 PDT 2009
I'm sure there are many among us who want their Apache servers to stay
available, so this is alarming news:
http://it.slashdot.org/story/09/06/19/1243203/Attack-On-a-Significant-Flaw-In-Apache-Released?from=rss
http://isc.sans.org/diary.html?storyid=6601
I tested this against a non-production server and it was completely
easy to do. The server was not responding to web requests in less than a
few minutes.
I would think one should be able to protect against this by limiting the
maximum number of connections from a single IP. My iptables-fu is not
as powerful as it should be. Does anyone else know how to do this?
Rohit
--
Rohit Mehta
Computer Engineer
University of Connecticut
Engineering Computing Services
371 Fairfield Road Unit 2031
Storrs, CT 06269-2031
Office: (860) 486 - 2331
Fax: (860) 486 - 1273
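
Added example, not part of the original message: one way to apply the per-source connection limit the post asks about, using the iptables connlimit match, plus a check of which peers currently exceed it. The port (80), the limit (20), the function names and the sample addresses are assumptions made for illustration; the script only prints the rule unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed: web server on TCP 80,
# a cap of 20 concurrent connections per source, connlimit match available.
PORT=${PORT:-80}
LIMIT=${LIMIT:-20}

# Print the iptables rule that caps concurrent connections per source IP.
# Only new connections (SYN) are matched, so established sessions are untouched.
connlimit_rule() {
    printf 'iptables -I INPUT -p tcp --syn --dport %s -m connlimit --connlimit-above %s --connlimit-mask 32 -j REJECT --reject-with tcp-reset\n' "$1" "$2"
}

# Read "ss -tn"-style lines on stdin and print each peer IP holding more than
# $2 established connections to local port $1, followed by its count.
over_limit() {
    awk -v port="$1" -v limit="$2" '
        $1 == "ESTAB" && $4 ~ (":" port "$") {
            peer = $5; sub(/:[0-9]+$/, "", peer); n[peer]++
        }
        END { for (ip in n) if (n[ip] > limit) print ip, n[ip] }
    ' | sort
}

# Constructed sample in "ss -tn" column order: State Recv-Q Send-Q Local Peer.
sample_ss() {
    i=0
    while [ "$i" -lt 25 ]; do
        echo "ESTAB 0 0 192.0.2.10:80 198.51.100.7:$((40000 + i))"
        i=$((i + 1))
    done
    echo "ESTAB 0 0 192.0.2.10:80 203.0.113.5:51000"
    echo "ESTAB 0 0 192.0.2.10:22 198.51.100.9:51001"
}

# Dry run by default: show the rule and the sample peers over the cap.
# Set APPLY=1 (as root) to install the rule; replace sample_ss with
# "ss -tn" to check live connections.
main() {
    rule=$(connlimit_rule "$PORT" "$LIMIT")
    echo "$rule"
    sample_ss | over_limit "$PORT" "$LIMIT"
    if [ "${APPLY:-0}" = 1 ]; then $rule; fi
}
main
```

Clients behind a shared NAT or proxy count as a single source, so the limit has to be sized for the largest legitimate group of users behind one address. A per-source cap also does nothing against connections spread across many source addresses.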