Update on protection against slowloris
István
leccine at gmail.com
Fri Oct 2 08:49:03 UTC 2009
hmm, i am curious as well, lets wait to 2.4
On Fri, Oct 2, 2009 at 9:18 AM, Tom Evans <tevans.uk at googlemail.com> wrote:
> On Thu, 2009-10-01 at 19:46 +0100, István wrote:
> > "The bad news is that it can indeed take a badly-configured apache
> > server down, and the worse news is that that includes a low-traffic
> > out-of-the box configuration. Even with the Event MPM, slowloris can
> > tie up one worker thread per connection."
> >
> >
> >
> >
> > for sure
> >
>
> It doesn't tie up one thread, one thread is partially occupied by
> waiting for the slowloris connection to finish sending the request. That
> thread can still handle other connections that are sending requests. In
> our tests, running a couple of slowloris instances against event MPM had
> virtually no effect.
>
> Cheers
>
> Tom
>
>
--
the sun shines for all
More information about the freebsd-security
mailing list