|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Derek Kwan (dkwan
KWAN.CA)Date: Thu Mar 08 2001 - 14:03:51 CST
Dumb question... How's a FW going to prevent people connect to the web
port and issue this kind of Infinite HTTP request?
Unless the FW also have some kind of realtime IDS build into it to block
traffic in realtime... Am I correct?
Derek
On Thu, 8 Mar 2001, [iso-8859-1] Peter Gründl wrote:
> ======================================================================
> Defcom Labs Advisory def-2001-10
>
> Websweeper Infinite HTTP Request DoS
>
> Author: Peter Gründl <peter.grundldefcom.com>
> Release Date: 2001-03-08
> ======================================================================
[snip...]
>
> GET / HTTP/1.0
> Host: www.foo.org
> referrer: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.................
[snip...]
>
> ---------------------------=[Workaround]=-----------------------------
> None known, the vendor suggest placing a firewall infront of the
> websweeper application.
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]