/ Zope / Apsis / Pound Mailing List / Archive / 2003 / 2003-12 / Re: [Zope] kill LONG request and manage_main DoS?

[ << ] [ >> ]

[ Why /var/run/pound_pid.$$? / Michael Alan Dorman ... ] [ pound-current does not work with my pound.cfg ... ]

Re: [Zope] kill LONG request and manage_main DoS?
"Jaroslav Lukesh" <lukesh(at)seznam.cz>		 2003-12-09 09:29:36 [ FULL ] 
> Odesílatel: Dieter Maurer <dieter(at)handshake.de>[...]

Many thanks for nice explanation.
 [...]

I was restart my Zope before a while. I was checking debug page for
connections and after I see only my connections I click to restart :o)...
and Zope works again OK. So I think that customers dont see this little
drop-out.

But as potential DoS attack - does somebody else see this behavior:?

* go to URL: http://server/dtml_document/manage_main
over slow (modem)
connection
* wait to send request, but BEFORE displaying of login form, disconnect
* look at linux server "top" command, one from python tasks consume near
100% on forewer...

I have firewall (HW based with NAT to my machine, I dont manage them) and
Pound 1.4 proxy before Zope, which is configured as:

ExtendedHTTP 1
WebDAV 1
UrlGroup ".*"
BackEnd 127.0.0.1,8080,1
EndGroup

May this situation come with pound+Zope interaction?

Many thanks,

J. Lukesh
MailBoxer