[7459] in www-talk@info.cern.ch
Re: mystery NCSA httpd problems on gnn.com
daemon@ATHENA.MIT.EDU (Robert S. Thau)
Tue Jan 31 14:24:03 1995
Date: Tue, 31 Jan 1995 19:52:53 +0100
Errors-To: listmaster@www0.cern.ch
Reply-To: rst@ai.mit.edu
From: rst@ai.mit.edu (Robert S. Thau)
To: Multiple recipients of list <www-talk@www0.cern.ch>
Date: Tue, 31 Jan 1995 15:43:07 +0100
Reply-To: dmk@allegra.att.com
Precedence: bulk
From: dmk@allegra.att.com (Dave Kristol)
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
X-Comment: To sign off, send mail to listproc@info.cern.ch with body DEL WWW-TALK
Rob McCool said:
> ... the queue is used both for connections that are ready to be
> accepted as well as for half-negotiated connections. The latter can
> fill the queue, starving any new connections from being negotiated.
This sounds like a very interesting hypothesis. Suppose all the
pending connections were half-negotiated. The queue might be full, so
the server (actually, the OS) would reject new connections, but there
would be no completed connections to process.
This matches what we see... and, incidentally, if true, it makes for a
fairly neat denial-of-service attack against Unix-based TCP servers.
(If Mallet wants to disable rlogin and telnet on a machine he's in the
process of subverting, he just has to make his machine,
badguy.mallet.com, deliberately initiate five connections on those
ports and fail to complete the handshake).
Things that make you go hmmm...
rst
