On Fri, 7 Aug 1998, Dag-Erling Coidan [ISO-8859-1] Smørgrav wrote: > There seems to be a simple way of badly DoSing any Apache server. It > involved a massive memory leak in the way it handles incoming request > headers. I based my exploit on the assumption that they use setenv() > (which they don't) and that the bug occurs when you send a header that > will end up as an environment variable if you request a CGI script > (such as User-Agent), but I have since verified that there is no > connection there. Anyway, you can blow Apache through the roof by > sending it tons of headers - the server's memory consumption seems to > be a steep polynomial of the amount of data you send it. Below is a > snapshot of top(1) about one minute after I sent my server a request > with 10,000 copies of "User-Agent: sioux\r\n" (totalling 190,016 bytes > of data) > Today when I was looking at the Apache 1.3.1 help files i've found a parameter that might stop this: "RLimitMem". I guess this should make Apache use only the amount of memory that you want to. Andy
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:12:47 PDT