karavelov - Slashdot User

Comment Re:Why is Gnome included in the Title? (Score -1) 140

by karavelov on Wednesday August 05, 2009 @01:21PM (#28960009) Attached to: XML Library Flaw — Sun, Apache, GNOME Affected

Gnome parser is not even mentioned in the article but appears in the /. title...

Comment lighttpd and nginx (Score -1) 203

by karavelov on Friday June 19, 2009 @02:34PM (#28393193) Attached to: Attack On a Significant Flaw In Apache Released

I have tested this DoS attack against lighttpd and nginx. Out of the box both servers are vulnerable (despite the note in the announcement that lighttpd is not vulnerable, just use enough number of connections). Nginx could be configured to not be affected by this type of attacks:

Put in "http" section:

client_body_timeout 10; client_header_timeout 10; keepalive_timeout 10; send_timeout 10; limit_zone limit_per_ip $binary_remote_addr 1m;

and put in "server" section :

limit_conn limit_per 16;

The last 2 configuration lines are for limiting connections per client IP. This fist lines are same sane connection timeouts.

May be lighttpd could be configured in a similar manner but I am not a spec in it.

Best regards

Comment the languages you wish not to use (Score -1) 264

by karavelov on Wednesday October 15, 2008 @06:02PM (#25390847) Attached to: 6 Languages You Wish the Boss Let You Use

No. I do not know the languages that the boss should allow me to use. But I know at least 6 languages I do not want to use: PHP,Java,C++ (C is OK), Basic and its derivatives, ASM, etc...

Slashdot Top Deals