Apache dDoS “killapache” Sends Malformed GET Requests

There is a bug in certain versions of Apache that is susceptible to a dDoS using malformed GET requests. You can find more information about “killapache” at the following site.

http://www.pentestit.com/2011/08/25/killapache-ddos-tool-freezes-apache-web-server/

 

There is no patch, however their is a work around for this bug which is provided below. In Ubuntu or Debian create a new file “/etc/apache2/conf.d/killapache-fix” and place the following code

 

# Drop the Range header when more than 5 ranges.
# CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range

# optional logging.
CustomLog logs/range-CVE-2011-3192.log common env=bad-range

You may need to install the “headers” module, which can be done by typing “a2enmod headers” and then you should be able to reload apache without errors.

 

0 Shares:
You May Also Like

Microsoft changes their mind about allowing virtulization of Vista Home and Premium

No virtualization for home or premium? Is a ploy to take more money back from the consumer to buy the "super-duper-more-expensive" version so that you can do virtualization?
Microsoft ditches about-face on virtualization restrictions at 11th hour -

Microsoft this week was about to relent and allow the (legal) virtualization of Windows Vista Home Premium and Home Basic. Then the company pulled the plug on the announcement, but there are signs that a change is still possible.

Read More...

[Ars Technica]