users@glassfish.java.net

RE: glassfish DoS attack test - confirmed

From: <jcfolsom_at_pureperfect.com>
Date: Sun, 07 Feb 2010 09:00:15 -0700

It seems like there should be something for Apache that actually works to shut down denial of service attacks; that way it would work for every application server, not just glassfish. If mod_evasive doesn't work, I guess I will have to write something that does.


-------- Original Message --------
Subject: Re: glassfish DoS attack test - confirmed
From: Oleksiy Stashok <Oleksiy.Stashok@Sun.COM>
Date: Sun, February 07, 2010 6:46 am
To: users@glassfish.dev.java.net

Hi,

You can decrease the time GF waits for incoming connection data by setting the upload timeout in domain.xml, as in [1].
For sure, after decreasing this value you can forget about "telnetting" to GF, but it should help with this kind of DoS attack.

WBR,
Alexey.

[1]
      <network-config>
        <protocols>
          <protocol name="http-listener-1">
            <http max-connections="0" default-virtual-server="server" server-name="" upload-timeout-enabled="true" connection-upload-timeout-millis="1000">
            </http>
          </protocol>
        </protocols>
      </network-config>

On Feb 7, 2010, at 8:58 , Cam Bazz wrote:

mod_jk and mod_evasive are now working perfectly with my glassfish v3.
I found out that the new procedure described by jfarcand is much
easier than the older mod_jk configs.
Unfortunately, even though mod_evasive works (like after clicking
refresh repetitively gets you a 403), slowloris.pl still affects gf v3.

best.

On Sun, Feb 7, 2010 at 3:13 AM,  <jcfolsom@pureperfect.com> wrote:

mod_evasive is the only thing that I know of that is HTTP specific. Really
though, ddos is a network issue and not specific to even IP, let alone HTTP.
I don't know enough about firewalls though to help you out, but please keep
us posted on what you find.


-------- Original Message --------
Subject: Re: glassfish DoS attack test - confirmed
From: Cam Bazz <cambazz@gmail.com>
Date: Sat, February 06, 2010 7:01 pm
To: users@glassfish.dev.java.net

Well, right when I was reading about mod_evasive, on
http://bahumbug.wordpress.com/2009/06/21/slowloris/ - someone
commented that mod_evasive was not able to defend against slowloris.

Best.

On Sun, Feb 7, 2010 at 1:50 AM, Cam Bazz <cambazz@gmail.com> wrote:
ah thank you jcfolsom... any documentation about this? best..

On Sun, Feb 7, 2010 at 1:42 AM,  <jcfolsom@pureperfect.com> wrote:

It's probably a good idea to run Glassfish behind Apache with mod_evasive
instead of on the public web.


-------- Original Message --------
Subject: glassfish DoS attack test - confirmed
From: Cam Bazz <cambazz@gmail.com>
Date: Sat, February 06, 2010 5:21 pm
To: users@glassfish.dev.java.net

Hello,

Investigating why my glassfish v3 pauses, and following a previous
thread on this list, I have found that the slowloris.pl Perl script
does indeed bring glassfish v3 to its knees. It will not leave
anything in the access logs, nor the server logs, but it does cause
the same effect (glassfish pausing for certain periods of time,
usually until these threads time out).

I have not verified the attack signature, which means that I don't know
if my glassfish is having problems because of an attack, but I have
run the exploit script against my own server, and it generates the
same effect.

I have also made a simple program that just connects to a pingservlet,
which just prints new date, and the total connection time is measured
so I could study the problem methodically.

Best Regards,
-C.B.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: users-help@glassfish.dev.java.net
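
Added example (not from this thread and not GlassFish code): a minimal sketch of the idea behind the upload timeout suggested above, a limit on how long the server waits for incoming connection data before dropping the connection. The names read_request_head and MAX_HEAD_BYTES, the 0.5 s deadline and the sample requests are assumptions constructed for the illustration.

```python
import socket
import threading
import time

MAX_HEAD_BYTES = 8192  # assumed cap for this sketch

def read_request_head(conn, deadline_s):
    """Return the request head, or None if not complete within deadline_s."""
    # One deadline for the whole head, not one per recv().
    end_at = time.monotonic() + deadline_s
    buf = b""
    while b"\r\n\r\n" not in buf:
        remaining = end_at - time.monotonic()
        if remaining <= 0 or len(buf) > MAX_HEAD_BYTES:
            return None
        conn.settimeout(remaining)
        try:
            chunk = conn.recv(1024)
        except socket.timeout:
            return None
        if not chunk:  # peer closed before finishing the head
            return None
        buf += chunk
    return buf

def demo():
    """Constructed local check over socketpairs; no network involved."""
    a, b = socket.socketpair()
    a.sendall(b"GET /ping HTTP/1.1\r\nHost: localhost\r\n\r\n")
    prompt_ok = read_request_head(b, 1.0) is not None
    a.close()
    b.close()
    a, b = socket.socketpair()
    def trickle():  # stand-in for a stalled client: head never completes
        try:
            for byte in b"GET /ping HTTP/1.1\r\nX-a: ":
                a.send(bytes([byte]))
                time.sleep(0.1)
        except OSError:
            pass  # server side closed the connection
    worker = threading.Thread(target=trickle, daemon=True)
    worker.start()
    slow_ok = read_request_head(b, 0.5) is not None
    b.close()
    worker.join()
    a.close()
    return {"prompt": prompt_ok, "slow": slow_ok}

if __name__ == "__main__":
    print(demo())
```

Because the deadline is measured from the start of the request rather than reset on every read, the stalled connection is released after 0.5 s even though bytes keep arriving.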
