
Re: [cobalt-security] consistently pounded



On Tue, 23 May 2000, Theodore Jones wrote:

  | >
  | >         2) You can install tcp wrappers (you really ought to have
  | > 'em running anyway), configure them to monitor the httpd port and
  | > add the bums to your hosts.deny file.

I would strongly discourage tcp wrappers on the http port. You will get a
huge performance hit.  One of the ways that a web server can be so fast is
because it has several daemons running and waiting for connections.  If
you tcpwrapper this, you can no longer do this.  Now, before the web
daemon can even start up, it must pass the tcpwrappers, then it must load
and parse the http config file (very slow if you have virtual hosts), and
finally the http daemon won't take advantage of the ability to do multiple
requests down a single connection.   Every request for an image, page,
etc. will result in a tcpwrapper lookup, and the spawning of another http
daemon.  Also, if you have any DNS slowness at all, tcpwrappers will take
too long to spawn the web daemon.

-Adam