Hi Zookeeper expert, we encountered a slow attack problem, described as follows, please help to analyze and confirm, thank you very much

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Hi Zookeeper expert, we encountered a slow attack problem, described as follows, please help to analyze and confirm, thank you very much

zhanggang

 

Hi Zookeeper expert, we encountered a slow attack problem, described as follows, please help to analyze and confirm, thank you very much.

 

Problem:

In the client using some method (such as telnet) to establish a tcp connection with server-side zookeeper listening port , but after the establishment of tcp connection, the client does not send any data. However, apache will not disconnect this tcp connection, may lead to the number of connections exhausted , Resulting in DOS

 

The attack process

1. The client executes the telnet service port

Start the client telnet server port 8885,8888,8889, do not exit for a long time:

Excuting an order:

telnet 3.101.3.119 8885

telnet 3.101.3.119 8888

telnet 3.101.3.119 8889