users@grizzly.java.net

Re: Apache HTTP DoS tool released - this would probably take down grizzly as well

From: Jeanfrancois Arcand <Jeanfrancois.Arcand_at_Sun.COM>
Date: Fri, 19 Jun 2009 17:35:38 -0400

Igor Minar wrote:
> So I did... and I DoS-ed my grizzly webserver on the first try.
>
> I think what we need here is to:
> * ensure that headers are being read with nonblocking io
> * maybe put a limit on the number/size of headers, which if reached
> would result in connection termination

Really? Are you using the latest version? From the code it is clear it
will time out. I will take a look at the test.

A+

--Jeanfrancois


>
> /i
>
>
> On Jun 19, 2009, at 12:32 PM, Jeanfrancois Arcand wrote:
>
>> Try it :-)
>>
>> We have a time out of 30 seconds and then we close the connection.
>>
>> A+
>>
>> -- Jeanfrancois
>>
>> Igor Minar wrote:
>>> {quote}
>>> In this case, the server will open the connection and wait for the
>>> complete header to be received. However, the client (the DoS tool)
>>> will not send it and will instead keep sending bogus header lines
>>> which will keep the connection allocated.
>>> {quote}
>>> http://isc.sans.org/diary.html?storyid=6601
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe_at_grizzly.dev.java.net
>>> For additional commands, e-mail: users-help_at_grizzly.dev.java.net
>
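
An added example, not Grizzly code and not written by anyone in this thread: the two limits proposed above (header size and header count) combined with a header deadline measured from accept, so that bogus header lines trickled in by a slow client do not extend the connection's lifetime. The class name `HeaderBudget`, the 8 KiB and 100-line limits and the sample requests are assumptions; the 30-second figure is the timeout mentioned in the thread.

```java
import java.nio.charset.StandardCharsets;

/** Per-connection budget for the request-header phase (hypothetical class, not Grizzly's API). */
public class HeaderBudget {
    enum Verdict { NEED_MORE, COMPLETE, CLOSE_TIMEOUT, CLOSE_TOO_LARGE, CLOSE_TOO_MANY }

    // Assumed limits; only the 30 s value comes from the thread.
    static final long HEADER_DEADLINE_MS = 30_000;
    static final int MAX_HEADER_BYTES = 8 * 1024;
    static final int MAX_HEADER_LINES = 100;

    private final long acceptedAtMs;
    private final StringBuilder buf = new StringBuilder();

    HeaderBudget(long acceptedAtMs) { this.acceptedAtMs = acceptedAtMs; }

    /** Called from the selector loop each time a non-blocking read returns bytes. */
    Verdict onBytes(byte[] chunk, long nowMs) {
        // Absolute deadline counted from accept: receiving more bytes does not reset it.
        if (nowMs - acceptedAtMs > HEADER_DEADLINE_MS) return Verdict.CLOSE_TIMEOUT;
        buf.append(new String(chunk, StandardCharsets.ISO_8859_1));
        if (buf.length() > MAX_HEADER_BYTES) return Verdict.CLOSE_TOO_LARGE;
        // Count finished lines; the buffer is capped above, so the rescan stays cheap.
        int lines = 0;
        for (int i = buf.indexOf("\r\n"); i >= 0; i = buf.indexOf("\r\n", i + 2)) lines++;
        if (buf.indexOf("\r\n\r\n") >= 0) return Verdict.COMPLETE;
        if (lines > MAX_HEADER_LINES) return Verdict.CLOSE_TOO_MANY;
        return Verdict.NEED_MORE;
    }

    private static byte[] bytes(String s) { return s.getBytes(StandardCharsets.ISO_8859_1); }

    public static void main(String[] args) {
        // Constructed input: a client that never ends its headers and adds one line every 10 s.
        HeaderBudget slow = new HeaderBudget(0);
        System.out.println("0 ms -> " + slow.onBytes(bytes("GET / HTTP/1.1\r\nHost: example.test\r\n"), 0));
        for (long t = 10_000; t <= 40_000; t += 10_000) {
            System.out.println(t + " ms -> " + slow.onBytes(bytes("X-a: " + t + "\r\n"), t));
        }
        // Constructed input: a complete request arriving in a single read.
        HeaderBudget ok = new HeaderBudget(0);
        System.out.println("5 ms -> " + ok.onBytes(bytes("GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"), 5));
    }
}
```

A connection that sends nothing at all never reaches `onBytes`, so the same deadline also has to be enforced by a periodic sweep over pending connections.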