Two different things come to mind. Kingcope found an Apache byterange
vulnerability and the PoC code he wrote for it exhausts the resources on
a server running Apache. Only 1 instance of his perl script had to be
ran. LOIC is another that could possible DoS your server from one
source. What
> You wouldn't keep a syn proxy rule enabled all the time; only under a DoS
> attack. You could also implement ModSecurity.
ModSecurity looks good and I think it works with nginx as well as
apache. Is everyone who isn't running OSSEC HIDS or ModSecurity
vulnerable to a single client requesting t
I'm a bit confused about the requirements for Apache 2.4.6. This page seems
very clear :
http://www.apache.org/dist/httpd/Announcement2.4.html
There is states that "This release requires the Apache Portable Runtime
(APR)
version 1.4.x and APR-Util version 1.4.x"
The page for the Apache
You wouldn't keep a syn proxy rule enabled all the time; only under a
DoS attack. You could also implement ModSecurity.
On 07/29/2013 02:07 PM, Grant wrote:
Also, you should be able to limit simultaneous client connections
with your
firewall and pass the traffic in a syn proxy state. There are
> Also, you should be able to limit simultaneous client connections with your
> firewall and pass the traffic in a syn proxy state. There are numerous ways
> to achieve this.
Is that the best way to go besides OSSEC HIDS? I can imagine that
sort of thing could cause problems.
- Grant
>> You ca
> You can always compile from source ;)
> What version of Apache are you running?
I'm running 2.2.25.
- Grant
>>> Was it just an IP exhausting the apache service with too many
>>> connections? What do you see in the access logs? I use OSSEC HIDS on my
>>> apache servers to mitigate this.
>>
>
I'm looking for the erorr in this config :
KeepAlive OnServerName server1.domain1.localServerAdmin
me@domain1.localListen 10.10.10.10:80 http
BalancerMember http://server1.domain2.local
status=-SE
ServerName secured.domain1.local
SSLProxyEngine On
RequestHeader set
Also, you should be able to limit simultaneous client connections with
your firewall and pass the traffic in a syn proxy state. There are
numerous ways to achieve this.
On 07/29/2013 03:18 AM, Michael D. Wood wrote:
You can always compile from source ;)
What version of Apache are you running?
The only reason I asked was because I had done this before and had
the virtualhost created for port 443 but forgot to a2ensite on the
virtualhost.
On 07/29/2013 02:59 AM, Yuvapriya s wrote:
> Yes.. I
have configured Vhosts for port 443..
>
> On Fri, Jul 26, 2013 at 2:56
PM, Michael D. Wood
You can always compile from source ;)
What version of Apache are you running?
On 07/29/2013 02:59 AM, Grant wrote:
Was it just an IP exhausting the apache service with too many
connections? What do you see in the access logs? I use OSSEC HIDS on
my apache servers to mitigate this.
In the ac
Yes.. I have configured Vhosts for port 443..
On Fri, Jul 26, 2013 at 2:56 PM, Michael D. Wood wrote:
> **
>
> Do you have a virtual host configured for the site SSL/443?
>
> On 07/26/2013 05:15 AM, Yuvapriya s wrote:
>
> Hi
>
> We had done split deployment of apache and tomcat and we are trying
> Was it just an IP exhausting the apache service with too many connections?
> What do you see in the access logs? I use OSSEC HIDS on my apache servers to
> mitigate this.
In the access log I see the same IP made many requests during the
service interruption and I think that exhausted the apa
12 matches
Mail list logo
