Apache and 408s

Peter Barker pbarker at barker.dropbear.id.au
Mon Sep 17 17:49:23 EST 2001

On Mon, 17 Sep 2001, PsyeX wrote:

> I've found that 408's are caused by those icky machines infected with
> Codered scanning the internet for more machines to infect.

I was under the impression that Code Red machines never probed for
machines to infect; they simply blindly attack machines on the net... at
least, those are the variants I know of.

It's just been suggested that the machines may be so loaded by the
trillions of threads created by Code Red that they may be unable to
actually push the request out!

Could it be some sort of fingerprinting? I don't bother munging my
HTTP-headers, but if different apaches (or web-servers in general) handle
time-outs differently....

Peter Barker                          |   N    _--_|\ /---- Barham, Vic 
Programmer,Sysadmin,Geek              | W + E /     /\                
pbarker at barker.dropbear.id.au         |   S   \_,--?_*<-- Canberra      
You need a bigger hammer.             |             v    [35S, 149E]   
"When used legally and in its intended fashion, the Acrobat eBook Reader
 secures eBooks purchased by locking the eBook to the hardware from which
 it was purchased." -- Adobe press release

More information about the linux mailing list