Server :: Lighttpd - Slow HTTP POST Attack

Jan 31, 2011

[url]

I ran across the above article, which described a DoS attack in which requests are sent very slowly to the Web server. I'm running lighttpd 1.4.28 on a Gentoo Linux server, and I'm wondering if there is anything I could do in preparation to defend against such an attack.

A bug report [url] seems to indicate that there was a patch in place already against this sort of attack, but I wanted to be sure that was the same thing and if there was anything else I needed to do.

View 3 Replies


ADVERTISEMENT

Security :: Is Server Under DdOS Attack - Not Having Much Load And Only Few Process Runs But Site Opens Very Slow

Aug 5, 2010

I have a server and i think that my server is under Ddos attack. i see that server is not having much load and only few process runs but my site opens very slow. i executed the following command on my ssh:

[Code]....

View 7 Replies View Related

Ubuntu Networking :: HTTP POST File Uploads On PCs - Getting 500 Internal Server Error Message

Sep 23, 2010

We're having an issue with HTTP POST file uploads on our two Ubuntu PCs. For some reason, whenever one of our users attempts to submit a file in an HTML form, the request times out, usually with a 500 Internal Server Error message. This problem is not limited to one site, but occurs on all sites that use file uploads. Also, the problem does not appear to be with our network, as a Windows 7 PC on the same network can upload files to the same sites without any difficulties. The problem is not browser-specific; we have tested with Firefox, Epiphany, and Google Chrome and all produce the same results. The issue is relatively new, and was first observed within the last month; before this time, both machines had no problems uploading files.

Does anyone have ANY idea what could be causing this? I've tried a number of things, including rebooting the PCs, rebooting the network, disabling IPv6, etc. I'm not very experienced in Linux system administration, but I can use the terminal and am familiar with some terminal-based diagnostic tools, so if you need any additional info or want me to try something, please let me know! I've exhausted my own computer knowledge with regards to finding a solution to this problem.

View 3 Replies View Related

Server :: Apache Reverse Proxy Slow In Serving HTTP Requests

Mar 18, 2010

A Linux (CentOS5.3) server is setup with apache reverse proxy. The reverse proxy server is opened to outside and an internal server is mapped to ProxyPass configuration. SSL certificate is also installed on the Apache reverse proxy server. The problem is, it is extremely slow in serving http requests through reverse proxy. There is no problem with server resources or bandwidth. When the internal server is directly accessed through Internet, there is no delay. The backend server and the reverse proxy server are also on the same switch (same subnet). When I searched the Net, there were recommendations to enable cache in Apache. I did so as follows in httpd.conf.

<IfModule mod_disk_cache.c>
CacheEnable disk /
CacheRoot "/var/cache/mod_proxy"
CacheDirLevels 5
CacheDirLength 3
</IfModule>

But still there is no progress. Do I want to enable cache in ssl.conf too? Or is there any other workaround to speed up Apache reverse proxy. Is there a way to check that caching is happening?

View 4 Replies View Related

Software :: Firefox And Http Post ?

Sep 10, 2010

There are a few web databases (also including my own php-based pdf manipulator), where I need to fill a html form, and upload file attachments.

About one year ago, these sites stopped to work correctly, when using Firefox (but they work from Internet Explorer). The problem concerns file upload.
Other users here also experienced this, and no firefox update corrected the problem in the past year (I am using Firefox 3.6.9 now, and the problem is still there).

When debugging my pdf creator, I found that the attachment-type of any file upload made by firefox is "text/html", irrespectively of what is the type of the uploaded file. Whilst files uploaded by IE have the correct attachment-type.

View 1 Replies View Related

Ubuntu :: Cisco - Firefox - HTTP Post ?

Aug 7, 2010

I am using the following software stack:Linux version 2.6.32-21-generic (buildd@yellow) (gcc version 4.4.3 (Ubuntu 4.4.3-4ubuntu5) ) #32-Ubuntu SMP Fri Apr 16 08:09:38 UTC 2010 (Ubuntu 2.6.32-21.32-generic 2.6.32.11+drm33.2) (Kubuntu) cisco anyconnect vpn client 2.3.2016, Mozilla Firefox 3.6.8

The problem I have is that once I join my company vpn, I have full access to corporate services confluence, jira, servers, etc. However when I use firefox to try and resolve a jira and post a body of text the connection timesout.

If i use any other browser it works fine, if slow, if i transition workflows it works fine, and if i use windows and firefox with the same cisco client it works fine.

This appears to be a specific issue with Firefox. I have noticed that in general firefox is slower on ubuntu than on any other platform.

View 3 Replies View Related

General :: Using Curl And WGet To Send HTTP Post

Oct 11, 2010

I would like to find out how I would use both curl and wget to sent an http post to get the hostnames of a few servers. I know am not even given any work of anything I have done, but the reason is that I am really lost, and I do not even know how to start it.

View 4 Replies View Related

Slackware :: Function To Check If Lighttpd Running Has Exception When There's No Lighttpd

May 7, 2010

what the procedure is to file bugs against slackware so I will post here. The rc.lighttpd I have works but the function to check if lighttpd is running has an exception when there's no lighttpd.

View 2 Replies View Related

Ubuntu Networking :: Cannot POST Http - Unable To Send Mail Via Squirrelmail

Nov 23, 2010

I have a really weird (but consistent) problem with my Kubuntu 10.10 install: I cannot post some HTTP forms.

First off, this is a client PC problem. My squirrelmail on the server works fine. I just use squirrelmail 1.4.17 to troubleshoot the ubuntu desktop problem

I used an old (07.04) Ubuntu install which worked fine. Then I wiped the disk and installed Kubuntu 10.10 on the same hardware. Everything works but **some** HTTP post does not work (I can log in but not send mail or save draft). I noticed I cannot log in to Yahoo, for example.

My webhosting account can display the apache access_log. When I hit the <Send> button the POST request never arrives to the web server.

I use a router (Dlink DL-604) behind a DSL modem and ooma box. There is a Windows 7 PC and a Kubuntu PC connected to the router. I can use squirrelmail just fine from the Windows PC.

I tried several steps:
- reinstalled Kubuntu
- installed Firefox and Chromium (on top of reconq)
- ran from a CD on my other (Windows 7) PC
- installed Wireshark and compared the traffic (but was unable to pinpoint a problem)

The result was the same: the <Send> button just keeps waiting; the POST request never makes it to the web server.

This sounds (and is) scary and suspect. The fact that the "demo" Kubuntu install (from the CD on my other Windows PC) using the reconq exhibits the same problem on a totally different hardware leads me to believe this may be related to Kubuntu. For example, I had to type this very message on the Windows PC as I could not post it on the forum from my Kubuntu box.

View 2 Replies View Related

Software :: CURL Post Data Command From Shell - HTTP Error Code 408

Jan 29, 2011

I am trying to connect to the web interface found at [URL] using curl. This first requires login information to be entered at [URL], but I am having an issue with the login process. I am trying to submit the following form via POST:

Code:
<form action="j_security_check" method="post" id="login_form" name="login_form">
<center> <table style="background: #cac1cf;FONT-SIZE: 12px;">
<tr> <td align="center" colspan="2">Please enter your username and password:</td>
</tr> <tr> <td align="right">Username</td>
<td> <input name="j_username" style="width: 250px" id="j_username" type="text"/> </td>
</tr> <tr>
<td align="right">Password</td>
<td> <input style="width: 250px" name="j_password" id="j_password" type="password"/> </td>
</tr> <tr> <td colspan="2" align="center">
<input value="Enter" name="enter" type="submit"/>
<input value="Clear" name="Clear" type="reset"/>
</td> </tr> </table> </center> </form>
The command that I am using for this is the following:

Code:
curl -c cookies -b cookies -L -d "j_username=user%40domain.com&j_password=pass" [URL]
The command is properly formatted as far as I can tell. I tested it with another website using a similar authentication scheme using different POST variables specific to the form and it worked fine.

When I run the above command with the -v tag, it reveals this:
Code:
* Connected to lcl.uniroma1.it (151.100.4.74) port 80 (#0)
> POST /sso/j_security_check HTTP/1.1
> User-Agent: curl/7.21.0 (i686-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18
> Host: lcl.uniroma1.it
> Accept: */*
> Content-Length: 44
> Content-Type: application/x-www-form-urlencoded
>
} [data not shown]
< HTTP/1.1 408 The time allowed for the login process has been exceeded. If you wish to continue you must either click back twice and re-click the link you requested or close and re-open your browser
< Date: Sat, 29 Jan 2011 15:26:41 GMT
< Server: Apache-Coyote/1.1
< Content-Type: text/html;charset=utf-8
< Content-Length: 1554
< Connection: close
<
{ [data not shown]
103 1554 100 1554 0 52 5081 170 --:--:-- --:--:-- --:--:-- 10223*
Closing connection #0

I cannot tell why the login timeout is expired when I try to do this, and my investigation toward this end has been fruitless. I saw a brief snippet on Google that vaguely suggested that the underscores in the domain name were at fault, but replacing these with their encoded counterparts did nothing to resolve the issue (that, and underscores should be fine when sent unencoded according to the standards). I have extensively perused the man pages and have come up with nothing to adequately explain this behavior. I also talked to a friend who has worked with curl in his line of work, but he mostly has experience in the context of PHP and has not dealt with this issue before. I am running GNU/Linux 2.6.35-22-generic-pae.

View 3 Replies View Related

Ubuntu Servers :: Nagios On 10.04 Server Using Apt-get - HTTP WARNING: HTTP/1.1 404 Not Found

Aug 4, 2010

I installed Nagios on my Ubuntu 10.04 server using apt-get and when I accessed the web console, everything was OK. I made some changes to apache (creating some new virtual sites) and since then Nagios gives me a warning message for HTTP with the message, HTTP WARNING: HTTP/1.1 404 Not Found. The sites that I created are working perfectly. I noticed that the attemps are 4/4. Does this need to be reset or does Nagios automatically reset that once it detects the issue is resolved?

View 1 Replies View Related

Server :: Apache2 SVN Post-commit Script Certificate Error Post-commit Hook Failed (exit Code 1) With Output?

Oct 12, 2009

I am using apache2 with subversion and trying to get post commit script to run an svn update command. All svn commands seem to work fine manually

Everything used to work fine but then the server ip changed and I can no longer access it with the web name and have to use the ip directly

I am using tortoise svn with vista on my work machine

Here is the script

#!/bin/sh
export LC_CTYPE=en_US.UTF-8
/usr/bin/svn update /home/common/webroot/bob

Here is the result.

Command: Commit
Modified: C:UsersMattDesktopcheckout - bobindex.php
Sending content: C:UsersMattDesktopcheckout - bobindex.php
Completed: At revision: 63
Error: post-commit hook failed (exit code 1) with output:
code....

I think what i need to do is update the certifcate for the apache2, but I'm not sure how to do this, where to put it, and then which of the thousand apache config lines needs to be changed

View 5 Replies View Related

Server :: Lighttpd - After Installation Could Not Get Web Pages

Aug 9, 2010

I have installed lighttpd from svn as

Code:

Then I created four directories

Code:

And ls -l for following is

Code:

So permissions are correct upto here.

Then

Code:

Changed the following to

Code:

To

Code:

Then

Code:

Now I run

Code:

I can see

Code:

lighttpd is running.

Following is lighttpd.conf [url]

I created some html pages in /var/lighttpd/ in a directory called jp (which I had made).
Permissions of Document ROOT

Code:

And the directory

Code:

I was not able to see the webpages [url] but I was able to see [url] so why I could not browse the directory jp

I am getting a 404 not found error. Where as the page exists.

View 4 Replies View Related

Server :: Lighttpd Anti-hotlinking For Images ?

Jan 7, 2011

Lighttpd anti-hotlinking for images i just want these domain to link my imgages (test1.com,newtest2.cn,800keke.net,800org.com.cn),the other site will be redirect to [url].

lighttp configuration :

Code:

This configure onle effect to test1.com. no effect to (newtest3.cn,800keke.net,800org.com.cn. i still dont know why..

View 1 Replies View Related

Server :: Multiple SCGI Servers With Lighttpd?

Jul 16, 2009

I'm trying to configure lighttpd to send SCGI requests to different ports, depending on what file(s) are accessed. Is this possible? This is what I've tried, and it hasn't worked.

Code:

$HTTP["url"] == "URL1" {
scgi.server = (
"/RPC2" =>

[code]...

SCGI requests aren't sent to the correct port, regardless of what file is accessed.

View 1 Replies View Related

Ubuntu Networking :: Slow Response For HTTP Proxy Over SSH?

Dec 3, 2010

I'm a little stumped on this one so I reaching out to see if anyone here has any idea. I just changed my ISP to Surewest as they're doing fiber straight to the house in my area so I have 8Mbps up and down.

I have my linux box running openssh and I have no problems SSHing into it from my remote laptop at work. I use putty to connect to it and create a tunnel so I can configure my firefox to use it as a SOCKS proxy. The problem is my response time for page loads in firefox is atrocious now. It'll take over a minute to load yahoo.com. The only real differences in my setup now are my ISP and router hardware at home. Previously, I was using the firewall that was built into my AT&T Uverse gateway. Now, I'm using my old Linksys WRT54G v5.0 router with the latest firmware. My linux box is wired directly into it with ethernet. When I run the speed tests from that box I get my correct speeds of 8Mbps up and down with <15ms ping. From what I can tell, all of my router settings are correct.

View 1 Replies View Related

Server :: CentOS 5 Make Qmailadmin Work With Lighttpd?

Aug 20, 2010

I have been searching in the forum and google but still not lucky enough to figure out yetI have a lighttpd server runningbecause apache consume so much CPU and memory) andqmailtoaster (just setup).Here is the configuration in cgi modules:

Code:
cgi.assign = ( ".pl" => "/usr/bin/perl",
".cgi" => "/usr/bin/perl",

[code]....

View 2 Replies View Related

Server :: Installing Lighttpd From Svn Unable To Start Script?

Aug 4, 2010

I have followed all the steps as mentioned on documentation.except automake (I am not clear as where to make automake)

I logged in as Root on a Ubuntu system
and then

Code:
cd /opt
svn checkout svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x/
cd lighttpd-1.4.x
./autogen.sh
./configure
make
make install

After this what do I need to do to be able to start the lighttpd ?After this I did not found any script /etc/init.d/lighttpd. so what more has to be done ?

View 14 Replies View Related

Server :: Lighttpd Access.log File Is 73 GB - How To Clear It Partially

May 19, 2010

I have an Ubuntu server running with lighttpd.

The file, access.log has utilized 73GB at: logs/lighttpd/, which contains data since 3 to 4 years (approx.)

So, i need to have only last 6 months logs in the file and the rest to be cleared.

View 4 Replies View Related

Server :: Lighttpd - Name Index.html Of Additional Domain?

Apr 13, 2011

For the 1st domain,say domain1. I name the index file as:

[code]...

3 identical files. It works seamlessly. On browser its webpage can be evoked. Now I add another domain, say domain2. How shall I name its index files?

[code]...

View 1 Replies View Related

CentOS 5 Server :: Installed Lighttpd - Get 404 Not Found In Browser

Jul 31, 2010

This is what I did till now and all was installed with success:
yum update
wget [URL]
yum install lighttpd
chkconfig --levels 235 lighttpd on
/etc/init.d/lighttpd start
Must I configure something else too? if yes... what?

View 2 Replies View Related

Security :: Centos 5.5 Server - How To Protect From Outside Attack

Dec 21, 2010

I have just configured Centos 5.5 LocalMailServer with fetchmail and sendmail , Proxy with Squid and FileServer with samba. Now my concern is security.. How can i protect my server with outside attack. Will I need to block some ports or I need special tools or script so no one from outside can attack my machine. My machine is working on intranet with local ip only.. No web server or static ip exists. Machine is connected with ADSL router to access internet.

View 5 Replies View Related

Security :: Track DDoS Attack On A Server?

Jan 25, 2011

how can I track a Dos and DDoS attack on a server . Does linux have any goiod known command line utilities and log files to us e in this way?

View 1 Replies View Related

Server :: Lighttpd: Backend Is Overloaded + Multiple Php-cgi Processes In D State?

Sep 24, 2010

I've got this problem for a few weeks and I cannot figure out. I'm pulling my hair out. I have a server installed PHP, lighttpd and redis. Sometimes, I got the following messages in the error log of lighty: Code: 2010-09-24 13:57:33: (mod_fastcgi.c.3011) backend is overloaded; we'll disable it for 1 seconds and send the request to anoth er backend instead: reconnects: 0 load: 567 2010-09-24 13:57:33: (mod_fastcgi.c.3011) backend is overloaded; we'll disable it for 1 seconds and send the request to anoth
er backend instead: reconnects: 0 load: 626 and:

[Code]..

View 3 Replies View Related

Software :: Cronjob Schedule To Run Php Script On Lighttpd Server Internally?

Mar 29, 2011

I know that you can access and run any script of the web by wget:

Code:

wget mydomain.com/page.php

But this is literally accessing it externally through the web, i think that it is safer and faster to access the script internally. I am using lighttpd to host my php pages, and is there a way to do that? I have had some hosting experiences, the cronjobs on the hosts let u input:

Code:

* * * * * php /public_html/path/page.php

View 2 Replies View Related

Fedora Security :: Server Seems To Attack The World Hacking?

Apr 10, 2009

I went away from home for a few days, ... Now I am back at home and noticed, that my server is going out with 100% available bandwidth. The server is mainly Http / Ftp / Mail server, so I stopped all services, to see which one it is. ervices stopped, still 100Mbps go out like ants in the flood.

I updated the system, made a backup, installed IPtraf. It seems that I have something 'installed' and my server is running something to attack User computers. It seems to try to find something on random IP's random ports. I am a little bit confused now. As long as my sites are running, I'm ~OK~ but sooner or later I would like to have my bandwidth back. How could I try to hunt down which service/app/process got hacked?

It seems that the monetary system of our society got now more enemy's than friends. Capitalism seems to reach it's end. But my server is serving also ART! Sooner or later we will need to pay copyright even for our thoughts. I was reading today, that the French president wants to punish file sharing as his wife made 3 albums, and wants to get some money ..

View 12 Replies View Related

Fedora Servers :: Server And Clients (NFS And NIS) Are In Continuous Attack Via Ssh?

Aug 25, 2009

My server and clients (NFS and NIS) are in continuous attack via ssh. Somebody is trying to guess password and login, and making port 22 busy.What are different ways to stop this attack?I am thinking to block this ip in iptable but I have no good idea because I have not done this before. Any special consideration do I have to take while doing this thing? How is it done and which file does it modify?

View 14 Replies View Related

CentOS 5 Server :: Tracing An Attack With A Wireshark Script

Jun 18, 2009

My data center informed me that my shared web hosting server is producing a massive attack. Attack against who? how? etc?... well.. other than "your server is generating an attack of over 150,000 UDP connections", they did not specify the target IP, nor the specific port. The attacks usually run for less than 5 minutes and pose a threat on the datacenter's firewall itself (from within).

I ran various searches on my server and came up with nothing. (over 300 websites with PHP in 25GB of data, database etc).

I do not allow any shell/bash other than myself, so no other logins are available. (I re-checked /etc/passwd for any bash).

I believe that there is probably some php fsckopen call or something to that degree that responds to a call from an external server. To make it easier to diagnose the problem and then stopping it, I need your assistance developing a simple tracing tool, methodology.

I have wireshark installed on the server.

My thoughts on how to capture this attack (which occurs at random) is as follow:

1. run a service that greps and count the UDP connections currently on the server and does this every 60 seconds. ( a simple one minute cron is enough).

netstat -a |grep UDP -cw

2. Currently the output shows: 0 (zero).

3. I do run a DNS server that can be queried, so I expect to see some UDP calls every so often. However, this is probably going to occur at < 50 entries.

4 . run this logic if no high loads on the server.

If servers load is < 3.00
{
If ( netstat -a |grep UDP -cw ) > 50
{
./tshark > wireshark.hacker.trace<timestamp>.txt;
email me an alert that "hey wireshark was triggered";
sleep (15)
killall -9 tshark
}
}

View 2 Replies View Related

Server :: Protect My Server From Syn Attack ?

Jun 15, 2011

I want protect my server from syn attack

My server Linux - Cantos 5.6.

View 8 Replies View Related

Server :: LDAP SERVER: Post A Tar.gz With The Working Configuration Files?

Jan 14, 2010

LDAP is endlessly not working, due to difficulties to simply configure it. I even cannot make the first steps of the installations ... It seems so difficult ... After many howto, wiki, reading, re-reading the errors are still there, always different, and not working.Is there an admin, coming from hell, that made running a LDAP server for sharing the basic configuratin files /var.. /etc... of a working LDAP Server in a tar.gz?

View 18 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved