[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Hash Table Collisions (n.runs-SA-2011.004)
- From: Petite Abeille <petite.abeille@...>
- Date: Sat, 7 Jan 2012 14:32:52 +0100
On Jan 6, 2012, at 11:22 AM, Jerome Vuarand wrote:
> With 40k strings, the config file is 1.4M long, the HTTP request
> should be of similar size (a bit smaller I believe). With 50k strings
> it seems I hit the nanoki timeout (I get "curl: (52) Empty reply from
> server").
Well done. Seems to be in line with David Favro test. So now we have a couple of scripts to test this scenario. Very good :)
In other news:
Are you ready for slow reading?
https://community.qualys.com/blogs/securitylabs/2012/01/05/slow-read
How to Protect Against Slow HTTP Attacks
https://community.qualys.com/blogs/securitylabs/2011/11/02/how-to-protect-against-slow-http-attacks
The fun never ends :))
- References:
- Re: Hash Table Collisions (n.runs-SA-2011.004), TNHarris
- Re: Hash Table Collisions (n.runs-SA-2011.004), Mark Hamburg
- Re: Hash Table Collisions (n.runs-SA-2011.004), Tom N Harris
- Re: Hash Table Collisions (n.runs-SA-2011.004), Mark Hamburg
- Re: Hash Table Collisions (n.runs-SA-2011.004), Vladimir Protasov
- Re: Hash Table Collisions (n.runs-SA-2011.004), Leo Razoumov
- Re: Hash Table Collisions (n.runs-SA-2011.004), Vladimir Protasov
- Re: Hash Table Collisions (n.runs-SA-2011.004), Miles Bader
- Re: Hash Table Collisions (n.runs-SA-2011.004), Ashwin Hirschi
- Re: Hash Table Collisions (n.runs-SA-2011.004), Petite Abeille
- Re: Hash Table Collisions (n.runs-SA-2011.004), David Favro
- Re: Hash Table Collisions (n.runs-SA-2011.004), Petite Abeille
- Re: Hash Table Collisions (n.runs-SA-2011.004), Jerome Vuarand