X-RDate: Wed, 31 Dec 1997 09:58:01 +0500 (ESK)
Date: Tue, 30 Dec 1997 11:59:55 GMT
From: Mark Lowes <[email protected]>
To: [email protected]
Subject: Re: Apache DoS attack?
On Tue, 30 Dec 1997 11:07:04 +0100, you wrote:
>[excuse me if it has been discovered before]
First I've heard.
>Here's a simple exploit for Apache httpd version 1.2.x (tested on 1.2.4).
>When launched, causes increases of victim's load average and extreme
>slowdowns of disk operations. On my i586 Linux annoying slowdown has been
>experienced immediately (after maybe 5 seconds). After about 4 minutes
>work has been turned into real hell (286?).
Ok here's an initial patch, I'm sure someone will come up with something
better and more efficient but it works. :)
Mark
[Attachment: beck.patch (application/octet-stream, base64)]