| DDOS Attacks |
[eluser]rvillalon[/eluser]
I recently came across an article talking about allowing users to embed images in forums and a potential DDOS attack that can take place. If I read it correctly, an attacker can perform multiple image uploads at a very slow transfer rate, creating a DDOS. http://ez.no/es/developer/articles/dange...ng_be_done Quote:Perhaps the biggest issue lies in the fact that having PHP download an external file is something that an attacker can abuse to launch a Denial of Service (DoS) attack against the server. To download a file, the first thing PHP needs to do is to establish a connection to a host server. If that server happens to be particularly slow, this can take a fair amount of time. During this time, the PHP process responsible for handling the request is waiting for a socket (a process that takes no CPU time, so maximum execution limit is not triggered). By default, this wait time lasts for a whooping 60 seconds, during which this process is unusable for operations. If every web server process can be made to perform the download, the server will become inaccessible to other users. Can an attack like this be prevented using hardware? |
| Messages In This Thread |
|
DDOS Attacks - by El Forum - 03-03-2009, 12:52 PM
DDOS Attacks - by El Forum - 03-03-2009, 01:04 PM
DDOS Attacks - by El Forum - 03-03-2009, 02:28 PM
DDOS Attacks - by El Forum - 03-07-2009, 07:17 PM
DDOS Attacks - by El Forum - 03-07-2009, 07:43 PM
DDOS Attacks - by El Forum - 03-07-2009, 10:09 PM
DDOS Attacks - by El Forum - 03-08-2009, 10:05 AM
DDOS Attacks - by El Forum - 03-12-2009, 10:46 AM
DDOS Attacks - by El Forum - 03-15-2009, 01:59 PM
DDOS Attacks - by El Forum - 09-24-2009, 05:26 AM
DDOS Attacks - by El Forum - 09-24-2009, 07:47 AM
DDOS Attacks - by El Forum - 09-24-2009, 10:23 AM
|
