IIS on NT 4.0 SP3 and the stock Windows 98 HTTP server appear to be immune. However, some other 3rd party products appear vulnerable.

UnityMail 2.0 for 95/NT *IS* vulnerable to the DOS. CPU load forks to 100%; the system is useable, however all access to the UnityMail administrative web server is hung.

The above is probably not a huge deal, other than annoying mailing list admins who want to access their lists via the web admin, but I think it's probably illustrative of a wider scope---> how many other administrative web interfaces, commercial HTTP servers, etc. are vulnerable to this denial of service?

On 03-Sep-98 Rich Wood wrote:
> On 3 Sep 98, at 12:34, Laurent FACQ wrote:
>> # => by sending a crazy amount of 8000 bytes headers, it's possible
>> #    to consume a lot of memory (and of course CPU). The point
>> #    is that httpd daemons grow and STAY at this big size (or die
>> #    if you send too much)
>
> Tried against apache 1.3.1 on FreeBSD 2.2.6 (DX2-66 16Mb), script hung
> after 2500 headers with apache using 30Mb.
>
> Tried against apache 1.3.1 on NT4 (workstation) SP3 (P200 64Mb), after
> 7500 headers, apache was using 120Mb RAM and the box ground to a halt.
>
> It didn't actually crash apache on either box, but severely reduced the
> usefulness of the systems.
>
> Rich
> --
> Rich Wood

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Daniel Leeds
Systems Administrator
dleedsat_private
DigitalFacades
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:14:55 PDT