MyBB Community Forums

MyBB Community Forums > Community > General Discussion > Web Development and Administration > PHP and Hash DOS
Full Version: PHP and Hash DOS
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Euan T

2011-12-29, 09:08 PM
Anybody heard of the Hash DOS (Denial of Service) attack that affects PHP, ASP.NET and more? Take a look at this: http://arstechnica.com/business/news/201...attack.ars

Pretty scary stuff, eh? Millions of sites are potentially vulnerable across multiple languages and platforms. Microsoft are working on a fix right now and have released details to circumvent the attack. You can follow the details on Hash DOS by following the twitter hashtag #hashdos.

pyridine

2011-12-29, 09:13 PM
O.o I just had a dream extremely similar to this. Creepy.

Dragonzsoul

2011-12-29, 10:52 PM
stranger I never heard it!!

Josh H.

2011-12-30, 01:24 AM
Great. And web hosts will adopt this patch from php when??? Usually updates almost never occur on active servers, so I wonder how this would end up once exploited in the wild.

I wonder if CloudLinux helps in this. I know my host uses it, and it limits resource usage hugely at the kernel level, which helps to provide reliability and performance. In other words, if one website has a spike in traffic, only that account gets affected, not the whole server.
Attackers would only need to attack several websites on a server though to cause the DoS condition.

CloudLinux doesn't totally stop DoS type conditions by resource usage limits, because a DDoS was launched at them earlier this year, which actually didn't impact a whole lot except for some spotty time outs.


I guess we will see how it ends up when attackers exploit this on a large scale...
MyBB Community Forums > Community > General Discussion > Web Development and Administration > PHP and Hash DOS