Hi, I have a web server which has CentOS Linux 2.6.18-028stab059.6-ent kernel and Apache 1.3.37 running on it.
2 days back I got one script to test DoS attack on website. It is called slowloris.pl from http://ha.ckers.org/slowloris/
I run that script against my server and it worked. It stopped my website for some time. That time all other services like SSH were working fine.
Can anybody suggests any configuration changes at Apache and OS/Kernel level to prevent from this type of attack ?
Currently I am using following settings:
Timeout 300 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 5 MinSpareServers 5 MaxSpareServers 10 StartServers 5 MaxClients 150 MaxRequestsPerChild 0
Then Kernel settings are like : tcp_keepalive_time 7200 tcp_keepalive_time 9 tcp_keepalive_intvl 75 tcp_syn_retries 5 tcp_synack_retries 5 tcp_fin_timeout 60