Apache DDoS “killapache” Sends Malformed GET Requests

Certain versions of Apache have a bug that makes them susceptible to a DDoS using malformed GET requests. You can find more information about “killapache” at the following site.

http://www.pentestit.com/2011/08/25/killapache-ddos-tool-freezes-apache-web-server/

There is no patch; however, there is a workaround for this bug, which is provided below. On Ubuntu or Debian, create a new file “/etc/apache2/conf.d/killapache-fix” and place the following configuration in it:

# Drop the Range header when more than 5 ranges.
# CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range

# optional logging.
CustomLog logs/range-CVE-2011-3192.log common env=bad-range

You may need to enable the “headers” module, which the RequestHeader directive depends on. This can be done by running “a2enmod headers”, after which you should be able to reload Apache without errors.
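
To see exactly which Range headers the SetEnvIf rule above flags, the following added example (not part of the original post) runs the same pattern over constructed header values. The helper names and sample headers are assumptions made for illustration; only the regular expression comes from the workaround.

```python
import re

# Pattern copied from the SetEnvIf line in the workaround. SetEnvIf matches
# unanchored, so re.search is the closest Python equivalent.
BAD_RANGE = re.compile(r"(,.*?){5,}")


def count_ranges(header_value):
    """Count the non-empty comma-separated range specs in a Range value."""
    _, _, specs = header_value.partition("=")
    return len([s for s in specs.split(",") if s.strip()])


def would_unset(header_value):
    """True if the rule would set bad-range, so the Range header is dropped."""
    return BAD_RANGE.search(header_value) is not None


def build_header(n):
    """Constructed sample: a Range header with n small, separate ranges."""
    return "bytes=" + ",".join(f"{i * 10}-{i * 10 + 4}" for i in range(n))


def threshold_table(max_ranges=8):
    """List of (number of ranges, dropped?) pairs for 1..max_ranges."""
    return [(n, would_unset(build_header(n))) for n in range(1, max_ranges + 1)]


if __name__ == "__main__":
    for n, dropped in threshold_table():
        print(f"{n} ranges -> {'Range header unset' if dropped else 'passed through'}")

    # The rule counts commas, not valid ranges: one range followed by five
    # bare commas is flagged even though it names only a single range.
    odd = "bytes=0-1,,,,,"
    print(odd, "->", count_ranges(odd), "range(s), flagged:", would_unset(odd))
```

Requests with up to five ranges pass through untouched, and the header is removed from six ranges (five commas) upward. This matches the “more than 5 ranges” comment in the configuration.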

 
