Making sure your application is available
RATE LIMITING
Maybe we should listen to those network guys.
A few months ago I wrote about the Slowloris attack on web servers, the short version of which is: Attackers connect and hold connections open, using very few resources on their end, but soaking up all your available sockets and preventing any legitimate users from connecting. Since then, a number of other denial-of-service types of attack have been announced against web servers, web applications, and other services. This got me thinking: How can programmers deal with these issues in a generic way to reduce their impact?
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
US / Canada
UK / Australia
News
-
Old Vulnerabilities Are Kept Alive Through Bad Configuration
HP's annual Cyber Risk report offers a bleak look at the state of IT.
-
Linus Torvalds Announces Linux 4.0
But what do the big numbers really mean?
-
Microsoft Frees CoreCLR
.NET Core execution engine is the basis for cross-platform .NET implementations.
-
New Trojan Attacks Linux Servers
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
-
Cisco Releases Annual Security Report
Spammers go low-volume, and 90% of IE browsers are unpatched.
-
Zero Day Exploits Target Flash
Adobe scrambles to release patches for vulnerable Flash Player.
-
Intel Unveils Compute Stick
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
-
Obama Proposes Personal Data Notification Law
New statute would require companies to report break-ins to consumers.
-
TGXf Project Warns of File Transfer through Screen Pixels
Weird data transfer technique avoids all standard security measures.
-
Industry Giants Announce a Fix for the Password Mess
FIDO alliance declares the beginning of the end for old-style login authentication.