lvs-users
|
To: | <lvs-users@xxxxxxxxxxxxxxxxxxxxxx> |
---|---|
Subject: | udp flood tool crashes LVS-NAT from the inside |
Cc: | mickey@xxxxxxxxxxxxx |
From: | "Mickey Everts" <mickey-ml@xxxxxxxxxxxxx> |
Date: | Sat, 6 Nov 2004 01:12:12 -0800 |
Today I had an incident at work where an attacker used a PHP exploit to grab the following script and run it from one of our "real servers" (running as apache's permissions): http://www.packetstormsecurity.org/DoS/udp.pl This rather short script brought our LVS box, a 3 GHz Pentium 3 system with dual gigabit interfaces, to its knees. Note that it's actually connected to a 100megabit interface. Obviously we want to secure our real servers, but is there any way to stop this kind of thing from killing our LVS server so easily? Regards, Mickey |
<Prev in Thread] | Current Thread | [Next in Thread> |
---|---|---|
|
Previous by Date: | Re: Ldirectord Redhat EL3 SSL checking problem, Seth Daniel |
---|---|
Next by Date: | Re: udp flood tool crashes LVS-NAT from the inside, Graeme Fowler |
Previous by Thread: | Re: Ldirectord Redhat EL3 SSL checking problem, Horms |
Next by Thread: | Re: udp flood tool crashes LVS-NAT from the inside, Graeme Fowler |
Indexes: | [Date] [Thread] [Top] [All Lists] |