[Koha] F5 Attacks

rfblanchard rfblanchard at hotmail.com
Fri Oct 7 05:35:54 NZDT 2016


Assume a basic opac search:
http://..../cgi-bin/koha/opac-search.pl?q=dog&branch_group_limit=branch%3A349

This would take about 10 seconds to return the first time.

Assume the user refreshes the results using F5 and keeps their finger there a
moment too long (3s):
This would kill my server for about 1 minute.

Any attacker could easily make the server unresponsive indefinitely by
simply holding F5 on an OPAC search.

Any recommendations on how to deal with this problem?

Here is a sample from top:

Tasks: 313 total,   3 running, 309 sleeping,   0 stopped,   1 zombie
%Cpu(s): 93.7 us,  5.2 sy,  0.0 ni,  1.0 id,  0.2 wa,  0.0 hi,  0.0 si,  0.0 st
KiB Mem:  16465036 total,  1532492 used, 14932544 free,    63180 buffers
KiB Swap:  8526844 total,        0 used,  8526844 free.   505124 cached Mem

  PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND
 7027 peischo+  20   0  416164 162924  12756 S  58.8  1.0   0:26.43 /usr/share/koha
 7009 peischo+  20   0  416800 163524  12756 S  56.5  1.0   0:33.77 /usr/share/koha
 7444 peischo+  20   0  129832  15216   5900 R  37.2  0.1   0:01.12 zebrasrv
 7445 peischo+  20   0  129832  15216   5900 R  35.6  0.1   0:01.07 zebrasrv
 1151 mysql     20   0  886564 181096  10808 S   8.6  1.1   1:27.57 mysqld
 7435 koha      20   0   25892   3272   2528 R   0.3  0.0   0:00.03 top
    1 root      20   0  176144   5044   3096 S   0.0  0.0   0:01.43 systemd
    2 root      20   0       0      0      0 S   0.0  0.0   0:00.00 kthreadd



--
View this message in context: http://koha.1045719.n5.nabble.com/F5-Attacks-tp5906098.html
Sent from the Koha-general mailing list archive at Nabble.com.
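One defender-side way to spot this pattern before it saturates the server is to watch the web-server access log for a single client re-sending the same opac-search.pl request many times within a few seconds. The script below is an added example, not part of the original post or of Koha; the log lines, client addresses, window and threshold are constructed, and the same per-client limit could equally be enforced in front of the CGI by a web-server rate-limiting module.

```python
"""Flag clients re-sending the same OPAC search within a short window.
Added example (not Koha code); reads Apache combined-format access log lines."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" \d{3} ')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
SEARCH = "/cgi-bin/koha/opac-search.pl"

# Constructed sample: 203.0.113.7 holds F5 on one search (8 hits in 3 s),
# 198.51.100.2 browses normally, and an unrelated OPAC page is ignored.
FLOOD_SECONDS = ["54"] * 2 + ["55"] * 3 + ["56"] * 3
SAMPLE_LOG = [
    f'203.0.113.7 - - [07/Oct/2016:05:35:{s} +1300] "GET {SEARCH}?q=dog'
    f'&branch_group_limit=branch%3A349 HTTP/1.1" 200 51234 "-" "Mozilla/5.0"'
    for s in FLOOD_SECONDS
] + [
    f'198.51.100.2 - - [07/Oct/2016:05:35:55 +1300] "GET {SEARCH}?q=cat HTTP/1.1" 200 40210 "-" "Mozilla/5.0"',
    f'198.51.100.2 - - [07/Oct/2016:05:36:10 +1300] "GET {SEARCH}?q=cat HTTP/1.1" 200 40210 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [07/Oct/2016:05:35:57 +1300] "GET /cgi-bin/koha/opac-main.pl HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
]


def parse_line(line):
    """Return {'ip', 'ts', 'path'} for a combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {"ip": m["ip"], "ts": datetime.strptime(m["ts"], TS_FMT), "path": m["path"]}


def find_refresh_floods(lines, window=timedelta(seconds=3), threshold=5, endpoint=SEARCH):
    """Sliding window per (client, request path incl. query string).
    Returns {(ip, path): peak hits in window} for keys that exceeded `threshold`."""
    recent = defaultdict(deque)   # (ip, path) -> timestamps inside the window
    flagged = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(endpoint):
            continue   # unparseable line or not the expensive search endpoint
        key = (rec["ip"], rec["path"])
        q = recent[key]
        q.append(rec["ts"])
        while q and rec["ts"] - q[0] > window:
            q.popleft()   # drop hits that fell out of the window
        if len(q) > threshold:
            flagged[key] = max(flagged.get(key, 0), len(q))
    return flagged


def flood_report(lines=SAMPLE_LOG, window_s=3, threshold=5):
    return find_refresh_floods(lines, timedelta(seconds=window_s), threshold)
```

Run over a real access log, the flagged (ip, path) pairs are the candidates for a temporary block or for a per-client request cap on the search endpoint.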