Denial Of Service attack on HTTP server
Denys Vlasenko
vda.linux at googlemail.com
Sat Mar 6 16:42:07 UTC 2010
On Saturday 06 March 2010 11:43, Ajith Adapa wrote:
> I had a small doubt with httpd.c code ..
>
> >> Following is the transmission steps between Client and Server
> >>
> >> 1. 3 way handshake
> >> 2. GET packet from client and then followed by ACK from server.
> >> 3. RST ACK from Client to Server
> >>
> >> As a result of RST_ACK packet from client the socket connection is getting terminated
> >> abruptly and cur_clients global variable is not getting decremented. Once cur_clients
> >> value reaches the max value of 5 it stops accepting the new connections.
>
> In my scenario the child process is getting terminated abnormally and
> there is no mechanism in httpd for decrementing the value of
> cur_clients if it gets terminated abnormally. httpd takes for granted
> that
>
> SIGCHLD signal is ignored in httpd because of a chance of creating
> ZOMBIES. But I tried the scenario where I created a SIGCHLD signal
> handler where it properly handles the child process which is killed
> and decrements the value for cur_clients variable and it solved my
> Denial of Service attack scenario (I am not sure if it is a proper way
> to do but I am not creating any zombies).
>
> When I went through the 1.16 version code for the httpd.c file I still see
> that SIGCHLD signal is ignored. But there is no check in httpd server
> for maximum number of clients allowed to be processed.
>
> So doesn't the http server in version 1.16 have any limitation of
> supporting only MAX_CLIENTS number of clients?
httpd.c in 1.16.0 has neither MAX_CLIENTS nor cur_clients variables
or defines. I searched the entire git history and there are no such things
anywhere.
Thus I do not understand what code you are talking about.
--
vda
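The scenario Ajith describes, modelled as an added example: this is not busybox httpd's code (as Denys notes, 1.16.0 has no such counter), but a hypothetical fork-per-connection accept path with a cur_clients/MAX_CLIENTS limit, a SIGCHLD handler that reaps exited children and releases their slots, and the signal-masking needed so the handler's decrement cannot race the accept path's increment. The child exits immediately, standing in for a connection torn down by RST.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>
#define MAX_CLIENTS 5
static volatile sig_atomic_t cur_clients = 0;   /* updated from the handler */

/* Reap every exited child in a WNOHANG loop (several may die before one SIGCHLD
 * is delivered), decrement once per child; async-signal-safe, errno preserved. */
static void sigchld_handler(int sig) {
    int saved = errno; (void)sig;
    while (waitpid(-1, NULL, WNOHANG) > 0)
        cur_clients--;
    errno = saved;
}
int install_sigchld_handler(void) {
    struct sigaction sa;
    sa.sa_handler = sigchld_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_RESTART | SA_NOCLDSTOP;
    return sigaction(SIGCHLD, &sa, NULL);
}
/* One accept of a hypothetical fork-per-connection server. The caller holds
 * SIGCHLD blocked so the handler's decrement cannot interleave with this
 * non-atomic increment. Returns 0 on accept, -1 when refused or on error. */
static int accept_client(void) {
    pid_t pid;
    if (cur_clients >= MAX_CLIENTS) return -1;      /* limit reached: refuse */
    cur_clients++; pid = fork();
    if (pid < 0) { cur_clients--; return -1; }
    if (pid == 0) _exit(0);   /* child: connection torn down at once (RST) */
    return 0;
}
/* Accept n connections back to back with SIGCHLD blocked, as a busy accept loop
 * would; returns the last result. Unblocking lets the pending SIGCHLD reap. */
int serve_burst(int n) {
    sigset_t s, old; int rc = 0;
    sigemptyset(&s); sigaddset(&s, SIGCHLD);
    sigprocmask(SIG_BLOCK, &s, &old);
    while (n-- > 0) rc = accept_client();
    sigprocmask(SIG_SETMASK, &old, NULL);
    return rc;
}
/* Poll up to timeout_ms for the handler to drive the counter back to 0. */
int wait_until_reaped(int timeout_ms) {
    struct timespec ts = {0, 1000000};
    while (cur_clients > 0 && timeout_ms-- > 0) nanosleep(&ts, NULL);
    return cur_clients;
}
```

With reaping held off, MAX_CLIENTS dead clients exhaust the limit and the next accept is refused; once the handler runs, the slots come back without leaving zombies.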