Making sure your application is available

RATE LIMITING

Article from Issue 110/2010
Author(s):

Maybe we should listen to those network guys.

A few months ago I wrote about the Slowloris attack on web servers, the short version of which is: Attackers connect and hold connections open, using very few resources on their end, but soaking up all your available sockets and preventing any legitimate users from connecting. Since then, a number of other denial-of-service types of attack have been announced against web servers, web applications, and other services. This got me thinking: How can programmers deal with these issues in a generic way to reduce their impact?

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Welcome

    Security is always big news in IT. The talk today is that the Hollywood Presbyterian Medical Center, in Hollywood, California, has just suffered a crippling ransomware attack. Most of the computers at the hospital are compromised with what appears to be a variant of the CryptoWall ransomware tool.

  • Hash Functions

    Cryptographic hash functions help you protect your passwords, but hashing is only secure if properly understood.

  • Security Lessons

    A slow death for the default configuration.

  • Credential Stuffing

    A credential stuffing cyberattack uses username and password credentials stolen in a data breach to gain access to your accounts. We explain how it works and how to prevent yourself from becoming a victim.

  • Security Lessons

    Sometimes, even ING, YouTube, The New York Times, and Google get it wrong.

comments powered by Disqus