RE: [squid-users] limit number of request per pconn

From: Stefan Palme <[email protected]>
Date: Wed, 10 Jan 2007 12:57:46 +0100

No, its always the same list of URLs, which don't even exist
on the site... Looks like trying some known backdoors (without
success)...

-stefan-

On Wed, 2007-01-10 at 12:43 +0200, Hamed Adel wrote:
> I don't think that is attack it just users download high things a lot of
> time as every time it happen with me it happen from different sites with
> different users.
>
> Eng . Hamed Adel
> Senior Network Engineer
> Mail: hamedadel@egyptnetwork.com
> Tel : +2 0502528897
> Mob: +2 0103503888
> Fax: +2 0502528897
> Web site: www.egyptnetwork.com
>
>
> -----Original Message-----
> From: Stefan Palme [mailto:kleiner@hora-obscura.de]
> Sent: Wednesday, January 10, 2007 12:32 PM
> To: squid-users
> Subject: Re: [squid-users] limit number of request per pconn
>
>
> > There is generally no such answer ("no") in the world of open source
> > when it comes to features.
>
> Ok, so the original question has been, if there is such a feature
> built into the current squid version :-)
>
>
> > It's not implemented in Squid as there is no known technical reason why
> > one would like to limit the number of requests a client can send over a
> > single persistent connection to Squid. So I am wondering why you would
> > like to limit the number of requests per connection to see if there is
> > something we have overlooked and there is a valid reason to have this
> > feature implemented.
>
> No, you don't have overlooked something - I need this because of some
> strange attacks from outside, which make >1500 senseless requests per
> persistent connection (and very fast). But when the connection is
> closed, they don't try again (don't ask why - I don't know). So I wanted
> to limit the number of requests per pconn, because it does not really
> harm "regular" users, but keeps those "attacks" out.
>
> And no, locking out the "bad" IPs is not that easy - every "attack"
> comes from a different one :-)
>
> Regards
> -stefan-
>
>
>
>

-- 
-------------------------------------------------------------------
Dipl. Inf. (FH) Stefan Palme
 
email: kleiner@hora-obscura.de
www:   http://hbci4java.kapott.org
icq:   36376278
phon:  +49 341 3910484
fax:   +49 1212 517956219
mobil: +49 178 3227887
 
key fingerprint: 1BA7 D217 36A1 534C A5AD  F18A E2D1 488A E904 F9EC
-------------------------------------------------------------------
Received on Wed Jan 10 2007 - 04:58:00 MST

This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST