Bugtraq mailing list archives
Re: Apache DoS Attack
From: dag-erli () IFI UIO NO (Dag-Erling Coidan Smørgrav)
Date: Wed, 12 Aug 1998 14:08:07 +0200
Jonathan Freeman <freeman () ADHOST COM> writes:
<> IIS 3.0 (Service Pack 3)
causes immediate jump to 100% CPU for approx. 5 seconds
multiple attacks can keep the CPU in the 90% range
<> IIS 4.0 (Service Pack 3)
causes immediate jump to 80% CPU for approx. a half second
multiple attacks DO NOT cause more thank 40% sustained CPU
In other words, they're immune. 80% CPU load for half a second simply means the server is working hard to quaff the request (or drink from a firehose, depending on the value passed to sioux with the -n switch ), but it's not leaking. IIS 3.0 is apparently a bad performer (well, a worse performer than IIS 4.0, anyway) and takes more time to recover. Did you run these tests on the same computer (or at least on ident- ically configured computers)? If not, there is no basis for comparison. DES -- Dag-Erling Smørgrav - dag-erli () ifi uio no
Current thread:
- Re: Sendmail up to 8.9.1 - mail.local instroduces new class of Jonathan Stott (Aug 10)
- Re: Sendmail up to 8.9.1 - mail.local instroduces new class of Chip Salzenberg (Aug 10)
- Yet another DOS/Exploit in ICQ?????? Arnvid L. Karstad (Aug 10)
- Re: Sendmail up to 8.9.1 - mail.local instroduces new class of Brett Lymn (Aug 10)
- Re: Sendmail up to 8.9.1 - mail.local instroduces new class of Kari E. Hurtta (Aug 12)
- Re: Apache DoS Attack Dag-Erling Coidan Smørgrav (Aug 12)
- Microsoft Security Bulletin (MS98-008) Aleph One (Aug 12)
- Security Bulletins Digest (fwd) Piotr Strzy¿ewski (Aug 12)
- Netscape Exploit? Mozilla? Crispin Cowan (Aug 11)
- FW: CERT Advisory CA-98.10 - mime_buffer_overflows Patrick Oonk (Aug 11)
- Re: FW: CERT Advisory CA-98.10 - mime_buffer_overflows (VU#5648) John D. Hardin (Aug 11)
- RotoRouter 1.0 - Traceroute log & fake #include (Aug 11)
- Re: RotoRouter 1.0 - Traceroute log & fake Vadim Kolontsov (Aug 11)