On 24/08/11 08:53, Dirk Hartmann wrote:
> Hi,
>
> it is possible to dos a actual squeeze-apache2 with easy to forge
> rage-requests:
>
> http://lists.grok.org.uk/pipermail/full-disclosure/2011-August/082299.html
>
> Apache-devs are working on a solution:
>
> http://www.gossamer-threads.com/lists/apache/dev/401638
>
> But because the situation seems serious I thought I give you a heads up.
>
> Running this script against a squeeze machine with 8 Cores and 24GB Ram you
> only need 200 threads to kick it out of memory.
>
> Cheers
> Dirk
>
You can use the following redirect as a temporally workaround:
# a2enmod rewrite
RewriteEngine On
RewriteCond %{HTTP:Range} bytes=0-.* [NC]
RewriteRule .? http://%{SERVER_NAME}/ [R=302,L]
Attachment:
signature.asc
Description: OpenPGP digital signature