Re: Apache DoS attack?

From: Michał Zalewski (lcamtufat_private)
Date: Tue Dec 30 1997 - 08:34:47 PST


    Apache patch by Mark Lowes:
    
    [...]
    + /* Compress multiple '/' characters into one */
    + /* To prevent "GET //////..." attack */
    [...]
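    Review bot: the comment names the attack but not where the collapse runs relative to the code that resolves the request path; since the reply below reports the path walk itself (the chdir loop and the 'filename too long' failure) as the expensive part, state in the comment that the compressed path is what reaches that code, e.g. "/* must run before the document path is resolved */".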
    
    After a few tests I discovered that Apache first looks for files
    [index|homepage].[html|shtml|cgi] (probably it makes over 32000
    chdirs :), then dies, throwing a 'filename too long' error into the
    logs. The client gets a 'Forbidden' response and disconnects. But the
    httpd child process still stays in the background, wasting a large
    amount of CPU time and system resources. Note it happens _only_ after
    this error, so the '//...' sequence must be as long as possible (about
    7 kB). The PERFECT httpd patch should also fix httpd's cleanup, to
    make httpd a little more stable :)
    
    _______________________________________________________________________
    Michal Zalewski [tel 9690] | finger 4 PGP [lcamtufat_private]
    =--------- [ echo "while [ -f \$0 ]; do \$0 &;done" >_;. _ ] ---------=
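The slash-collapsing step that Mark Lowes's patch describes (the code itself is elided above), written out as an added example that is not the patch and not Apache code. The function name `collapse_slashes` and the helper `make_slash_path` are assumptions; the sample inputs are constructed. It shows that a request path of thousands of consecutive slashes (the ~7 kB run Zalewski describes) shrinks to a single '/' before any directory walk could happen. As the reply points out, this alone does not fix the child process that lingers after the 'filename too long' error; that needs a cleanup fix, which this example does not attempt.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Collapse every run of one or more '/' in path into a single '/',
 * rewriting the buffer in place. Returns the new length (excluding
 * the terminating NUL). Single-pass, no allocation, dst never runs
 * ahead of src, so it is safe on the same buffer.
 * (Assumed name; not the Apache patch itself.) */
size_t collapse_slashes(char *path)
{
    char *src = path;
    char *dst = path;

    while (*src != '\0') {
        if (*src == '/') {
            *dst++ = '/';
            /* Skip the rest of the run. */
            while (*src == '/')
                src++;
        } else {
            *dst++ = *src++;
        }
    }
    *dst = '\0';
    return (size_t)(dst - path);
}

/* Build a constructed request path of n slashes followed by suffix into
 * buf. Returns the length written, or 0 if it does not fit.
 * (Constructed input generator for the example.) */
size_t make_slash_path(size_t n, const char *suffix, char *buf, size_t bufsz)
{
    size_t suffix_len = strlen(suffix);

    if (n + suffix_len + 1 > bufsz)
        return 0;
    memset(buf, '/', n);
    memcpy(buf + n, suffix, suffix_len + 1); /* includes NUL */
    return n + suffix_len;
}

int main(void)
{
    static char big[8192];
    char small[] = "/icons//dir///index.html";

    /* Roughly the 7 kB run the reply above talks about. */
    size_t before = make_slash_path(7000, "index.html", big, sizeof big);
    size_t after = collapse_slashes(big);
    printf("%zu bytes -> %zu bytes: %s\n", before, after, big);

    before = strlen(small);
    after = collapse_slashes(small);
    printf("%zu bytes -> %zu bytes: %s\n", before, after, small);
    return 0;
}
```

Because the compressed path is at most as long as the original, the collapse can run on the raw request buffer before the path is used for any file or directory lookup; a path that is still over the filesystem limit after collapsing is a separate case and should be rejected outright rather than walked.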
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:37:49 PDT