[erlang-questions] Efficient Denial of Service Attacks on Web Application Platforms and it's effects in Erlang?
Fri Dec 30 12:25:38 CET 2011
Zotonic uses lists as well.
Sent from my iPhone
On 30 dec. 2011, at 11:49, Loïc Hoguin <essen@REDACTED> wrote:
> Cowboy uses proplists for this.
> On 12/30/2011 10:47 AM, Dmitrii Dimandt wrote:
>> Hi all.
>> Efficient Denial of Service Attacks on Web Application Platforms:
>> It's not strictly platforms that are targeted, it's languages (!)
>> Most of the time web forms are processed and stored in hash tables.
>> It is quite easy to craft a request with hash table collisions.
>> PHP, Java, C# (ASP.NET <http://ASP.NET>), Python, Ruby — all are vulnerable.
>> PHP: 1 Gbit/s attack will keep ~10.000 i7 cores busy
>> Python: 1 Gbit/s attack will keep ~5·104 Core Duo cores busy
>> The link above contains technical details
>> I wonder if Erlang-based web platforms/servers etc. are affected and if
>> they are affected?
>> Specifically, I'm worried about
>> - Yaws
>> - Mochiweb
>> - Webmachine
>> - Misultin
>> - Cowboy
> Loïc Hoguin
> erlang-questions mailing list
More information about the erlang-questions