lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 17 Aug 2013 19:50:34 -0400
From: Valdis.Kletnieks@...edu
To: Jann Horn <jann+couchdb-dev@...jh.net>
Cc: Full Disclosure List <full-disclosure@...ts.grok.org.uk>
Subject: Re: Who's behind limestonenetworks.com AKA DDoS
	on polipo(8123)

On Sat, 17 Aug 2013 13:39:16 +0200, Jann Horn said:

> And yes, you're right, a DoS attack can be unsuccessful. My point was that
> this small amount of traffic shouldn't be called a DDoS because there's no
> way that the intention behind this amount of traffic was to take down that
> service with pure bandwidth.

How quickly they forget....

Not all DDoS are pure bandwidth based.  Consider SYN flooding, where the
packets sent are relatively small and often not even all that frequent, but can
tie up large amounts of resources on the target machine. This sort of attack
works particularly well against sites that have a big blind spot because they
think that all DDoS attacks are massive bandwidth hosedowns.

How many connections/sec does it take to forkbomb your Apache server into
uselessness?  And if you rate limit your Apache so your system doesn't
forkbomb, how many does it take to prevent legitimate traffice from being
serviced?


Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists