Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Nessus scan caused Apache to die

from [nessus] Network Security [Permanent Link]
Subject: Re: Nessus scan caused Apache to die
Date: Fri, 28 Jan 2005 09:36:51 +0000 (GMT) 

On Fri, 28 Jan 2005, Bart Verwilst wrote:


To: nessus@list.nessus.org
From: Bart Verwilst <Bart.Verwilst@hostbasket.com>
Subject: Nessus scan caused Apache to die

Hi,

I ran a nessus scan on a subnet, and noticed that an apache went down...
While reviewing the logs, it seemed that nessus spammed the apache
server with 1-2 requests per second for an hour.. It clearly was trying
every vulnerability in the book.. I had the 'not-dangerous' option on,
but it wasn't the actual tests, but the sheer quantity that brought it
down.. Any ideas on how I can stop this from happening the next time?
Thanks in advance!

Bart Verwilst


Apache under Linux should be able to handle alot more
requests than that per second, without crashing or dieing.

It may be that your resources are set too low in httpd.conf.

Also, Take alook in the Apache documentation at
manual/misc/perf-tuning.html.

This applies to the 1.3.x series under Linux.

AFAIK, the windows 1.3.x version is not as robust as the
Linux 1.3.x version.


From the 1.3 Linux documentation:


-- quote --

Note that this is tailored towards Apache 1.3 on Unix. Some
of it applies to Apache on NT. Apache on NT has not been
tuned for performance yet; in fact it probably performs very
poorly because NT performance requires a different
programming model.

-- unquote --

HTH

Kind Regards - Keith Roberts





_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Nessus scan caused Apache to die, Bart Verwilst
Next by Date:  Nessus results & MS SQL Server DB, dirtyceo
Previous by Thread:  Nessus scan caused Apache to die, Bart Verwilst
Next by Thread:  Nessus results & MS SQL Server DB, dirtyceo
Indexes:  [Date] [Thread] [Top] [All Lists]