DoS attack in the wild

Weibin Yao nbubingo at gmail.com
Tue Jun 23 06:34:07 MSD 2009


István at 2009-6-22 20:40 wrote:
> I wasn't able to raise the load above 0,1 with nginx-0.6.32 on freebsd.
>
> What did I wrong if nginx is affected "much stronger"?
Under this attack, Nginx just blocks all the sockets for 
client_header_timeout seconds, the load is always very low.

In my tests, apache2 stops working when the attack number is above 500. 
I think maybe apache2 can't fork more processes or threads.
But Nginx can survive when the attack number is below 
woker_processes*worker_connections. It's more difficult to attack Nginx 
than apache. But if you have enough attack computers, you also can make 
a Nginx server deny service.

-- 
Weibin Yao






More information about the nginx mailing list