DoS attack in the wild
Cliff Wells
cliff at develix.com
Fri Jun 19 23:39:46 MSD 2009
On Fri, 2009-06-19 at 21:45 +0300, luben karavelov wrote:
> A DoS attack against number of http servers is available and has hit
> slashdot today:
> http://it.slashdot.org/story/09/06/19/1243203/Attack-On-a-Significant-Flaw-In-Apache-Released
>
> Out of the box nginx is also vulnerable (I have tested it on latest 0.7
> installation). A quick fix for the vulnerability follows:
I notice that one of the prerequisites is:
"2) Negotiate a high TCP window size for each of the connections (1 GB
should be doable)"
This seems to point to TCP stack tuning to prevent this.
Cliff
--
http://www.google.com/search?q=vonage+sucks
More information about the nginx
mailing list