You can configure a pair of properties on your proxy server or DMZ Secure Proxy Server for IBM® WebSphere® Application Server to limit your risk against denial of service attacks involving the buffering of large HTTP payloads.
Protection is included to guard against the security breach known as a denial of service attack, which can send more traffic to a network address than the data buffers were designed to accommodate. The proxy server and DMZ Secure Proxy Server for IBM WebSphere Application Server have several properties that can be configured to limit your risk against denial of service attacks involving the buffering of large HTTP payloads.
A denial of service attack is a malicious type of security breach to a computer system that does not usually result in the theft of information or other security loss. This type of attack can typically send more traffic to a network address than the data buffers were designed to accommodate, resulting in a loss of memory. HTTP allows for the body of a message to be sent to an HTTP server as an HTTP request or an HTTP response. The body can be sent to the HTTP server in a series of sequential network writes instead of being sent in one large network write. This process is known as Transfer-Encoding chunking. The maximum size of a Transfer-Encoding: chunked response body and a Transfer-Encoding: chunked request body can be set to determine how much data is buffered before a network write is performed.
In this information ...Subtopics
Related concepts
Related tasks
| IBM Redbooks, demos, education, and more(Index) |