Bugtraq mailing list archives
Re: Web servers / possible DOS Attack / mime header flooding
From: vanja () SIAMRELAY COM (Vanja Hrustic)
Date: Thu, 3 Sep 1998 15:58:55 -0400
At 12:34 03/09/98 +0200, Laurent FACQ wrote:
# => by sending a crazy amount of 8000 bytes headers, it's possible # to consume a lot of memory (and of course CPU). The point # is that httpd daemons grow and STAY at this big size (or die # if you send too much)
After 2000 headers, 1.3.1 was consuming 93% and stayed there (other processes were consuming 7%). Script dies after 2800 and Apache goes back to 0.05%. Couldn't crash it. Tested on HP-UX 10.20 / Apache 1.3.1. Vanja Hrustic Information Systems Manager Siam Relay Ltd. http://www.siamrelay.com vanja () siamrelay com Phone: +662-616-8628 Fax: +662-272-6516
Current thread:
- Re: Security Hole in Axent ESM Jeffrey Hutzelman (Aug 31)
- Re: Security Hole in Axent ESM Caskey L. Dickson (Sep 01)
- Re: Security Hole in Axent ESM Taral (Sep 02)
- Re: Security Hole in Axent ESM Patrick (Sep 02)
- Borderware predictable initial TCP racer-x () ALTAVISTA NET (Sep 02)
- Re: Borderware predictable initial TCP Aggelos P. Varvitsiotis (Sep 03)
- Web servers / possible DOS Attack / mime header flooding Laurent FACQ (Sep 03)
- Re: Web servers / possible DOS Attack / mime header flooding Vanja Hrustic (Sep 03)
- wwwboard.pl vulnerability bugtraq (Sep 03)
- Re: Web servers / possible DOS Attack / mime header flooding Rich Wood (Sep 03)
- Re: Web servers / possible DOS Attack / mime header flooding Daniel Leeds (Sep 03)
- Re: Web servers / possible DOS Attack / mime header flooding Lars Eilebrecht (Sep 03)
- Re: Security Hole in Axent ESM Taral (Sep 02)
- Fwd: [ISN] Another BO detector that is actually a trojan Reuben Yau (Sep 03)
- Security Bulletins Digest (fwd) Piotr Strzy¿ewski (Sep 03)
- Back Orifice detection and removal The Late Ian Angles (Sep 03)
- Re: Security Hole in Axent ESM Caskey L. Dickson (Sep 01)
- Cisco Security Notice: PIX Firewall Manager File Exposure psirt () CISCO COM (Sep 02)
- <Possible follow-ups>
- Re: Security Hole in Axent ESM Jim Dennis (Sep 03)
- Re: Security Hole in Axent ESM dcupp () SNAKEBITE COM (Sep 24)