users@glassfish.java.net

Re: glassfish DoS attack test - confirmed

From: Cam Bazz <cambazz_at_gmail.com>
Date: Sun, 7 Feb 2010 02:01:25 +0200

Well, right when I was reading about mod_evasive, on
http://bahumbug.wordpress.com/2009/06/21/slowloris/, someone
commented that mod_evasive was not able to defend against Slowloris.

Best.

On Sun, Feb 7, 2010 at 1:50 AM, Cam Bazz <cambazz_at_gmail.com> wrote:
> Ah, thank you jcfolsom... Any documentation about this? Best..
>
> On Sun, Feb 7, 2010 at 1:42 AM,  <jcfolsom_at_pureperfect.com> wrote:
>>
>> It's probably a good idea to run Glassfish behind Apache with mod_evasive
>> instead of on the public web.
>>
>>
>> -------- Original Message --------
>> Subject: glassfish DoS attack test - confirmed
>> From: Cam Bazz <cambazz_at_gmail.com>
>> Date: Sat, February 06, 2010 5:21 pm
>> To: users_at_glassfish.dev.java.net
>>
>> Hello,
>>
>> Investigating why my glassfish v3 pauses, and following a previous
>> thread on this list, I have found that the slowloris.pl Perl script
>> does indeed bring glassfish v3 to its knees. It will not leave
>> anything in the access logs, nor the server logs, but it does cause
>> the same effect (glassfish pausing for certain periods of time,
>> usually until these threads time out).
>>
>> I have not verified the attack signature, which means that I don't know
>> if my glassfish is having problems because of an attack, but I have
>> run the exploit script against my own server, and it generates the
>> same effect.
>>
>> I also have made a simple program that just connects to a pingservlet,
>> which just prints new date, and the total connection time is measured
>> so I could study the problem methodically.
>>
>> Best Regards,
>> -C.B.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>
>
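
Added example (not part of the original thread and not GlassFish code): a Python sketch of the kind of timing probe described in the quoted message, splitting each request into connect time, time to first byte and total time so that pauses can be logged with timestamps even when the server logs show nothing. The /ping and /slow paths, the thresholds and the local demo server are constructed stand-ins for the poster's ping servlet.

```python
import socket, threading, time
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.parse import urlsplit

SLOW_DELAY = 0.6  # seconds the constructed /slow path pauses before answering

def probe(url, timeout=5.0):
    """Time one GET: connect, first byte and total seconds; 'error' names a failure."""
    u = urlsplit(url)
    r = {"connect": None, "first_byte": None, "total": None, "error": None}
    t0 = time.monotonic()
    try:
        with socket.create_connection((u.hostname, u.port or 80), timeout=timeout) as s:
            r["connect"] = time.monotonic() - t0
            s.sendall(f"GET {u.path or '/'} HTTP/1.0\r\nHost: {u.hostname}\r\n\r\n".encode())
            if s.recv(4096):
                r["first_byte"] = time.monotonic() - t0
                while s.recv(4096):      # drain until the server closes
                    pass
    except OSError as exc:               # includes socket timeouts and refusals
        r["error"] = type(exc).__name__
    r["total"] = time.monotonic() - t0
    return r

def is_stalled(r, threshold):
    """A probe counts as a stall if it failed or took longer than threshold seconds."""
    return r["error"] is not None or r["total"] > threshold

class _Ping(BaseHTTPRequestHandler):     # constructed stand-in for the ping servlet
    def do_GET(self):
        if self.path == "/slow":
            time.sleep(SLOW_DELAY)
        body = time.ctime().encode()
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args):        # keep the demo quiet
        pass

def start_demo_server():
    srv = ThreadingHTTPServer(("127.0.0.1", 0), _Ping)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

if __name__ == "__main__":
    srv = start_demo_server()
    base = f"http://127.0.0.1:{srv.server_address[1]}"
    for path in ("/ping", "/slow"):
        r = probe(base + path, timeout=2.0)
        print(time.strftime("%H:%M:%S"), path, r, "STALL" if is_stalled(r, 0.3) else "ok")
    srv.shutdown()
```

Run on a schedule against a trivial endpoint, the timestamped STALL lines give a record of pause windows that can be lined up against connection counts on the server.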