UUncategorized

Apache dDoS “killapache” Sends Malformed GET Requests

  • August 26, 2011
  • 1 minute read

There is a bug in certain versions of Apache that is susceptible to a dDoS using malformed GET requests. You can find more information about “killapache” at the following site.

http://www.pentestit.com/2011/08/25/killapache-ddos-tool-freezes-apache-web-server/

 

There is no patch, however their is a work around for this bug which is provided below. In Ubuntu or Debian create a new file “/etc/apache2/conf.d/killapache-fix” and place the following code

 


# Drop the Range header when more than 5 ranges.
# CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range

# optional logging.
CustomLog logs/range-CVE-2011-3192.log common env=bad-range

You may need to install the “headers” module, which can be done by typing “a2enmod headers” and then you should be able to reload apache without errors.

 


Did you like this article?


0 Shares:
Share 0
Tweet 0
Share 0
Share 0
— Previous article

Using "robocopy" to Copy EFS Files

Next article —

Pasword Protected Sub Directories Missing on Index Listing with Apache2

You May Also Like
UUncategorized

Hard times for hard drives: US may ban popular imports

This could be a damaging blow to quite a few companies within the United States. For instance, take a dedicated server hosting company that relies on one of many hardware vendors like Dell or HP (Hewlett-Packard). Its possible that said vendor will have stock pile of hard drives. Put lets put this into perspective. If you read the entire article you will see a similar situation that ended with Broadcom filing a complaint against Qualcomm. The International Trade Commission banned Qualcomm from shipping any new chips and hardware into the United Sates, and any chips that were already being shipped to the United States could continue. The ban lasted for 45 days, until an appeal by Qualcomm was successful and then the ban was lifted.
Read More