Apache dDoS “killapache” Sends Malformed GET Requests

There is a bug in certain versions of Apache that is susceptible to a dDoS using malformed GET requests. You can find more information about “killapache” at the following site.

http://www.pentestit.com/2011/08/25/killapache-ddos-tool-freezes-apache-web-server/

 

There is no patch, however their is a work around for this bug which is provided below. In Ubuntu or Debian create a new file “/etc/apache2/conf.d/killapache-fix” and place the following code

 


# Drop the Range header when more than 5 ranges.
# CVE-2011-3192
SetEnvIf Range (,.*?){5,} bad-range=1
RequestHeader unset Range env=bad-range

# optional logging.
CustomLog logs/range-CVE-2011-3192.log common env=bad-range

You may need to install the “headers” module, which can be done by typing “a2enmod headers” and then you should be able to reload apache without errors.

 

0 Shares:
You May Also Like

Run Windows Applications within Ubuntu

I ran into this article about how you can seamlessly run Windows Applications from within Ubunutu. The author is using VMware, rdesktop (apt-get install rdesktop), and Seamless RDP. http://hehe2.net/thedarkside/microsoft/run-windows-apps-100-seamlessly-on-ubuntu/

Setting up daily, weekly and monthly MySQL Database Backups using AutoMySQLBackup

AutoMySQLBackup is a shell script that allows daily, weekly and monthly backups of your local and remote MySQL Databases. It's meant to run on Linux/Unix through a cron job. Its highly configurable, and easy to setup as I will show you today! First you will need to acquire the shell script and drop it on your server. You can download AutoMySQLBackup on their SourceForge Project Page