DoS attack in the wild
Weibin Yao
nbubingo at gmail.com
Tue Jun 23 06:34:07 MSD 2009
István at 2009-6-22 20:40 wrote:
> I wasn't able to raise the load above 0,1 with nginx-0.6.32 on freebsd.
>
> What did I wrong if nginx is affected "much stronger"?
Under this attack, Nginx just blocks all the sockets for
client_header_timeout seconds, the load is always very low.
In my tests, apache2 stops working when the attack number is above 500.
I think maybe apache2 can't fork more processes or threads.
But Nginx can survive when the attack number is below
woker_processes*worker_connections. It's more difficult to attack Nginx
than apache. But if you have enough attack computers, you also can make
a Nginx server deny service.
--
Weibin Yao
More information about the nginx
mailing list