W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1997

Re: Hostile webserver attack!!!!

From: John D. Pritchard <jdp@cs.columbia.edu>
Date: Sat, 28 Dec 1996 14:45:24 -0500
Message-Id: <199612281945.OAA27562@play.cs.columbia.edu>
To: Erez Levin <erezl@dingo.co.il>
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/2254

> It seems that two Hackers magazines have published the source code and
> now any webserver in the world is opened to such and attack."
> (Summarised from "Globes"  http://www.globes.co.il Israel financial
> magazine, Hi-Tech section, tuesday edition).
> Is any of you guys familiar with this "SYN-flood" bombimg method?  does
> anyone know how you can located this suspects and place them under a
> "black list" of forbidden sites?

goto cert

the attack fills up the response queue.  if your response queue is larger
than the flood, eg, Solaris, then there's no real vulnerability

Received on Friday, 3 January 1997 15:04:06 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:19 UTC