Tau: Difference between revisions

From DISI
Jump to navigation Jump to search
(Created page with "Due to tau's spree of crashing, relevant information on tau will be recorded here for referencing [root@he shm]# date Wed Sep 21 20:09:55 PDT 2016 [root@he shm]# virt-fil...")
 
(slowloris mitigation included)
 
Line 1: Line 1:
Due to tau's spree of crashing, relevant information on tau will be recorded here for referencing
tau is one of our webservers which hosts zinc12, zinc15, irwinlab, and dude18
[root@he shm]# date
Wed Sep 21 20:09:55 PDT 2016
[root@he shm]# virt-filesystems --long -h --all -a tau-disk1.qcow2
Name                  Type      VFS  Label MBR Size Parent
/dev/sda1              filesystem ext2 boot  -  150M -
/dev/vg_system/lv_root filesystem ext4 -    -  11G  -
/dev/vg_system/lv_swap filesystem swap -    -  3.5G -
/dev/vg_system/lv_root lv        -    -    -  11G  /dev/vg_system
/dev/vg_system/lv_swap lv        -    -    -  3.5G /dev/vg_system
/dev/vg_system        vg        -    -    -  15G  /dev/sda2
/dev/sda2              pv        -    -    -  15G  -
/dev/sda1              partition  -    -    83  150M /dev/sda
/dev/sda2              partition  -    -    8e  15G  /dev/sda
/dev/sda              device    -    -    -  15G  -


  [root@tau ~]# free -h
===slowloris mitigation===
              total      used      free    shared    buffers    cached
A slowloris attacker is causing websites hosted on the tau webserver to get hung up and connection timeout.  ZINC12, ZINC15, irwinlab, and dude18 all hung during this time. I've determined this is due to a slowloris attack judging by the fact that /var/log/httpd/error_log displays the MaxClients value has been maxed out and that tau.compbio.ucsf.edu/server-status shows every single server socket getting occupied by a '..reading..' value.
Mem:          3.7G      3.6G      121M      308K        41M      2.9G
 
-/+ buffers/cache:      720M      3.0G
https://ma.ttias.be/effectively-using-detecting-the-slowloris-http-dos-tool/
Swap:        3.5G        0B      3.5G

Latest revision as of 23:33, 28 December 2018

tau is one of our webservers which hosts zinc12, zinc15, irwinlab, and dude18

slowloris mitigation

A slowloris attacker is causing websites hosted on the tau webserver to get hung up and connection timeout. ZINC12, ZINC15, irwinlab, and dude18 all hung during this time. I've determined this is due to a slowloris attack judging by the fact that /var/log/httpd/error_log displays the MaxClients value has been maxed out and that tau.compbio.ucsf.edu/server-status shows every single server socket getting occupied by a '..reading..' value.

https://ma.ttias.be/effectively-using-detecting-the-slowloris-http-dos-tool/

Retrieved from "http://wiki.docking.org/index.php?title=Tau&oldid=11225"